6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CPE | Name | Operator | Version |
---|---|---|---|
linux:linux_kernel | linux linux kernel | eq | - |
[
{
"vendor": "n/a",
"product": "kernel",
"versions": [
{
"version": "unknown",
"status": "affected"
}
]
}
]
www.openwall.com/lists/oss-security/2023/11/05/2
www.openwall.com/lists/oss-security/2023/11/05/3
bugzilla.redhat.com/show_bug.cgi?id=2173403
git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456
lists.debian.org/debian-lts-announce/2023/05/msg00005.html
lists.debian.org/debian-lts-announce/2023/05/msg00006.html
www.openwall.com/lists/osssecurity/2023/01/17/3
6.6 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%