Lucene search

[email protected]NVD:CVE-2023-2430

HistoryJul 23, 2023 - 2:15 a.m.

CVE-2023-2430

2023-07-2302:15:11

CWE-413

CWE-667

[email protected]

web.nvd.nist.gov

vulnerability

linux kernel

io_uring.c

iopoll flaw

denial of service

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of Service threat.

Affected configurations

NVD

Node

linuxlinux_kernelRange<6.2

linuxlinux_kernelMatch6.2-

linuxlinux_kernelMatch6.2rc1

linuxlinux_kernelMatch6.2rc2

linuxlinux_kernelMatch6.2rc3

linuxlinux_kernelMatch6.2rc4

References

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e12d7a46f65ae4b7d58a5e0c1cbfa825cf8

www.debian.org/security/2023/dsa-5492

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-2430

cve1 cnvd1 cbl_mariner1 debiancve1 cvelist1 prion1 redhatcve1 ubuntucve1 ubuntu3 nessus8 openvas7 osv4 photon1 debian1