PT-2022-6519 · Linux+7 · Linux Kernel+7

Published

2022-05-16

Updated

2024-04-19

CVE-2023-1838

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free flaw was found in the vhost net set backend function in drivers/vhost/net.c in the virtio network subcomponent of the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system and potentially lead to a kernel information leak problem.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:0897

ALT-PU-2022-2497

ALT-PU-2022-2523

ALT-PU-2022-2915

ALT-PU-2022-2919

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

AZL-26032

BDU:2023-01957

CESA-2024_0881

CESA-2024_0897

CVE-2023-1838

OESA-2023-1215

OESA-2023-1229

OPENSUSE-SU-2023_2646-1

OPENSUSE-SU-2023_2871-1

RHSA-2023:6583

RHSA-2023_6583

RHSA-2024:0412

RHSA-2024:0575

RHSA-2024:0881

RHSA-2024:0897

RHSA-2024_0881

RHSA-2024_0897

SUSE-SU-2023:1895-1

SUSE-SU-2023:1897-1

SUSE-SU-2023:1992-1

SUSE-SU-2023:2146-1

SUSE-SU-2023:2147-1

SUSE-SU-2023:2148-1

SUSE-SU-2023:2646-1

SUSE-SU-2023:2809-1

SUSE-SU-2023:2871-1

USN-6740-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2022-6519 · Linux+7 · Linux Kernel+7

CVE-2023-1838

Weakness Enumeration

Related Identifiers

Affected Products

References · 706