PT-2023-6287 · Linux+9 · Linux Kernel+9

Wang Hai

·

Publicado

2023-01-11

·

Atualizado

2024-12-19

·

CVE-2023-45863

CVSS v3.1

6.4

Média

VetorAV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.3
Description An issue was discovered in lib/kobject.c in the Linux kernel. With root access, an attacker can trigger a race condition that results in a fill kobj path() out-of-bounds write. This can potentially impact the confidentiality, integrity, and availability of protected information.
Recommendations For Linux kernel versions prior to 6.2.3, update to version 6.2.3 or later to resolve the issue. As a temporary workaround, consider restricting root access to minimize the risk of exploitation.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2024-14046
ALT-PU-2024-2275
ALT-PU-2024-6818
AZL-31568
BDU:2023-06998
CESA-2024_2950
CESA-2024_3138
CVE-2023-45863
DLA-3710-1
DLA-3711-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
OESA-2023-1779
OESA-2023-1780
OESA-2023-1781
OESA-2023-1782
OPENSUSE-SU-2023_4730-1
OPENSUSE-SU-2023_4731-1
OPENSUSE-SU-2023_4732-1
OPENSUSE-SU-2023_4734-1
OPENSUSE-SU-2023_4782-1
OPENSUSE-SU-2023_4882-1
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2023:4730-1
SUSE-SU-2023:4731-1
SUSE-SU-2023:4732-1
SUSE-SU-2023:4733-1
SUSE-SU-2023:4734-1
SUSE-SU-2023:4735-1
SUSE-SU-2023:4782-1
SUSE-SU-2023:4783-1
SUSE-SU-2023:4784-1
SUSE-SU-2023:4810-1
SUSE-SU-2023:4811-1
SUSE-SU-2023:4882-1
SUSE-SU-2023:4883-1
SUSE-SU-2024:0112-1
USN-6577-1
USN-6602-1
USN-6604-1
USN-6604-2
USN-6625-1
USN-6625-2
USN-6625-3

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu