7.1

CVE-2023-53117

fs: prevent out-of-bounds array speculation when closing a file descriptor

In the Linux kernel, the following vulnerability has been resolved:

fs: prevent out-of-bounds array speculation when closing a file descriptor

Google-Bug-Id: 114199369
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.310
LinuxLinux Kernel Version >= 4.15 < 4.19.278
LinuxLinux Kernel Version >= 4.20 < 5.4.237
LinuxLinux Kernel Version >= 5.5 < 5.10.175
LinuxLinux Kernel Version >= 5.11 < 5.15.103
LinuxLinux Kernel Version >= 5.16 < 6.1.20
LinuxLinux Kernel Version >= 6.2 < 6.2.7
LinuxLinux Kernel Version6.3 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.069
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b
Patch
https://git.kernel.org/stable/c/3d5d9501b634fd268eb56428cda92cd317752d69
Patch
https://git.kernel.org/stable/c/6631c8da02cfad96c53b217cf647b511c7f34faf
Patch
https://git.kernel.org/stable/c/a759905de9cd6ec9ca08ceadf0920272772ed830
Patch
https://git.kernel.org/stable/c/f8cd8754a03a3748384ee438c572423643c9c315
Patch
https://git.kernel.org/stable/c/cec08b7d1ebcd3138d4658b3868ce26aeb1e8e06
Patch
https://git.kernel.org/stable/c/eea8e4e056a5ffbeb539a13854c017d5d62c756a
Patch
https://git.kernel.org/stable/c/609d54441493c99f21c1823dfd66fa7f4c512ff4
Patch