4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in
drivers/iommu/iommufd/io_pagetable.c.
Author | Note |
---|---|
Priority reason: Exploiting this vulnerability requires access to /dev/iommu, which is limited to root | |
cascardo | vulnerability requires access to /dev/iommu, which is limited to root |
groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
launchpad.net/bugs/cve/CVE-2023-33250
lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
lore.kernel.org/linux-iommu/ZDabT%2FuRl%[email protected]/T/
nvd.nist.gov/vuln/detail/CVE-2023-33250
security-tracker.debian.org/tracker/CVE-2023-33250
www.cve.org/CVERecord?id=CVE-2023-33250
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%