PT-2022-6237 · Linux+10 · Linux Kernel+10

Seth Jenkins

·

Published

2022-10-07

·

Updated

2026-03-14

·

CVE-2023-0597

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a memory management vulnerability in the Linux kernel, specifically concerning the lack of randomization of exception handling stacks. This could allow an attacker to gain unauthorized access to protected information. A local user may exploit this flaw to access important data by guessing the location of exception stacks or other critical data in memory.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Use of Insufficiently Random Values

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-330CWE-200

Related Identifiers

ALSA-2023:7077
ALT-PU-2023-5044
BDU:2023-00625
CESA-2023_6901
CESA-2023_7077
CVE-2023-0597
ECHO-3AEA-BBC4-A835
OESA-2024-2257
OPENSUSE-SU-2023_0774-1
OPENSUSE-SU-2023_2646-1
OPENSUSE-SU-2023_2871-1
RHSA-2023:6583
RHSA-2023:6901
RHSA-2023:7077
RHSA-2023_6583
RHSA-2023_6901
RHSA-2023_7077
RHSA-2024:10262
RHSA-2024:10772
RHSA-2024:10773
RHSA-2024:1188
SUSE-SU-2023:0747-1
SUSE-SU-2023:0749-1
SUSE-SU-2023:0749-2
SUSE-SU-2023:0762-1
SUSE-SU-2023:0768-1
SUSE-SU-2023:0770-1
SUSE-SU-2023:0774-1
SUSE-SU-2023:0778-1
SUSE-SU-2023:0779-1
SUSE-SU-2023:0780-1
SUSE-SU-2023:1608-1
SUSE-SU-2023:1609-1
SUSE-SU-2023:1710-1
SUSE-SU-2023:2232-1
SUSE-SU-2023:2646-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:2871-1
USN-6206-1
USN-6235-1
USN-6300-1
USN-6311-1
USN-6332-1
USN-6347-1
USN-6440-1
USN-6440-2
USN-6440-3
USN-6462-1
USN-6462-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu