4

CVE-2023-23003

In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.16
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.18
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 0.3 3.6
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 4 0.3 3.6
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
CWE-252 Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
Patch
Vendor Advisory
Mailing List
https://github.com/torvalds/linux/commit/0a515a06c5ebfa46fee3ac519e418f801e718da4
Patch
https://security.netapp.com/advisory/ntap-20230331-0003/
Third Party Advisory