Lucene search
PRIOn knowledge basePRION:CVE-2023-3640HistoryJul 24, 2023 - 4:15 p.m.
Design/Logic Flaw
2023-07-2416:15:00
PRIOn knowledge base
www.prio-n.com
8
memory access flaw
linux kernel
cpu_entry_area
unauthorized
risk
leak
privilege escalation
A possible unauthorized memory access flaw was found in the Linux kernel’s cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. Based on the previous CVE-2023-0597, the ‘Randomize per-cpu entry area’ feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. However, despite this feature, there is still a risk of per-cpu entry area leaks. This issue could allow a local user to gain access to some important data with memory in an expected location and potentially escalate their privileges on the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| enterprise_linux | eq | 8.0 | |
| enterprise_linux | eq | 9.0 |
Related
nvd
nvd
CVE-2023-3640
2023-07-24 16:15:13
CVE-2023-0597
2023-02-23 20:15:12
debiancve
debiancve
CVE-2023-3640
2023-07-24 16:15:13
CVE-2023-0597
2023-02-23 20:15:12
cve
cve
CVE-2023-3640
2023-07-24 16:15:13
CVE-2023-0597
2023-02-23 20:15:12
ubuntucve
ubuntucve
CVE-2023-3640
2023-07-24 00:00:00
CVE-2023-0597
2023-02-23 00:00:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2023-3640
2023-07-12 16:05:31
CVE-2023-0597
2023-01-31 15:06:19
osv
osv
CVE-2023-3640
2023-07-24 16:15:13
linux-iot vulnerabilities
2023-11-10 10:16:47
fedora
fedora
[SECURITY] Fedora 37 Update: kernel-6.1.9-200.fc37
2023-02-04 01:33:41
[SECURITY] Fedora 36 Update: kernel-6.1.9-100.fc36
2023-02-04 01:19:01
nessus
nessus
Fedora 36 : kernel (2023-c9ab30c8e3)
2023-02-03 00:00:00
Fedora 37 : kernel (2023-4006357f7e)
2023-02-03 00:00:00
Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6462-2)
2023-11-10 00:00:00
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2023-4006357f7e)
2023-02-04 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2023-c9ab30c8e3)
2023-02-04 00:00:00
Ubuntu: Security Advisory (USN-6462-2)
2023-11-13 00:00:00
prion
prion
Memory corruption
2023-02-23 20:15:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-07-06 00:00:00
Linux kernel (IoT) vulnerabilities
2023-11-10 00:00:00
Linux kernel vulnerabilities
2023-10-31 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0135
2023-11-03 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2241
2023-10-10 09:26:01
redos
redos
ROS-20230915-10
2023-09-15 00:00:00
ROS-20230904-01
2023-09-04 00:00:00
redhat
redhat
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management
2024-01-12 16:32:54
Security Bulletin: Vulnerabilities in Spring, Tomcat, Jackson, sudo, and Linux kernel can affect IBM Spectrum Protect Plus
2024-03-20 18:36:29
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2023-12-18 18:02:34
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-11-12 00:00:00
kernel security, bug fix, and enhancement update
2023-11-17 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00