PT-2023-5514 · Linux+4 · Linux Kernel+4

Rohit Keshri

Published

2023-09-25

Updated

2024-02-14

CVE-2023-5158

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description The issue is related to a flaw in the vringh kiov advance() function in the drivers/vhost/vringh.c module of the Linux Kernel. This flaw may result in a denial of service from guest to host via zero length descriptor. An attacker could exploit this issue to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835CWE-684

Related Identifiers

BDU:2023-06162

CVE-2023-5158

OPENSUSE-SU-2023_4730-1

OPENSUSE-SU-2023_4731-1

OPENSUSE-SU-2023_4732-1

OPENSUSE-SU-2023_4734-1

OPENSUSE-SU-2023_4782-1

SUSE-SU-2023:4730-1

SUSE-SU-2023:4731-1

SUSE-SU-2023:4732-1

SUSE-SU-2023:4734-1

SUSE-SU-2023:4782-1

SUSE-SU-2023:4810-1

USN-6534-1

USN-6534-2

USN-6534-3

USN-6536-1

USN-6537-1

USN-6549-1

USN-6549-2

USN-6549-3

USN-6549-4

USN-6549-5

USN-6573-1

USN-6635-1

Affected Products

Astra Linux

Linux Kernel

Linuxmint

Suse

Ubuntu

PT-2023-5514 · Linux+4 · Linux Kernel+4

CVE-2023-5158

Weakness Enumeration

Related Identifiers

Affected Products

References · 151