4.7
CVE-2023-4732
- EPSS 0.01%
- Veröffentlicht 03.10.2023 17:15:09
- Zuletzt bearbeitet 21.11.2024 08:35:51
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version <= 5.13.19
Redhat ≫ Codeready Linux Builder Version8.0
Redhat ≫ Codeready Linux Builder For Arm64 Version8.0_aarch64
Redhat ≫ Codeready Linux Builder For Power Little Endian Version8.0_ppc64le
Redhat ≫ Enterprise Linux Version8.0
Redhat ≫ Enterprise Linux For Arm 64 Version8.0_aarch64
Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x
Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le
Redhat ≫ Enterprise Linux For Real Time Version8.0
Redhat ≫ Enterprise Linux For Real Time For Nfv Version8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.004 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| secalert@redhat.com | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
CWE-366 Race Condition within a Thread
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.