5.5
CVE-2023-3161
- EPSS 0.01%
- Published 12.06.2023 20:15:12
- Last modified 11.03.2025 15:15:39
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.2
Linux ≫ Linux Kernel Version6.2 Updaterc1
Linux ≫ Linux Kernel Version6.2 Updaterc2
Linux ≫ Linux Kernel Version6.2 Updaterc3
Linux ≫ Linux Kernel Version6.2 Updaterc4
Linux ≫ Linux Kernel Version6.2 Updaterc5
Linux ≫ Linux Kernel Version6.2 Updaterc6
Fedoraproject ≫ Fedora Version38
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux Version9.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.004 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-1335 Incorrect Bitwise Shift of Integer
An integer value is specified to be shifted by a negative amount or an amount greater than or equal to the number of bits contained in the value causing an unexpected or indeterminate result.
CWE-682 Incorrect Calculation
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.