Alpaquita Linux
Security Advisory

CVE-2023-3141

Published: June 9, 2023Last modified: September 29, 2023

Description

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

Severity score breakdown

ParameterValue
Base score7.1
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactNONE
Availability impactHIGH
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Status

ProductReleasePackageStatus
Alpaquita LinuxStreamlinux-ltsUnknown (6.1.33-r0)

References

ON THIS PAGE