CVE-2023-33250
Published: October 18, 2023Last modified: October 18, 2023
Description
The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 4.4 |
Attack Vector | LOCAL |
Attack complexity | LOW |
Privileges required | HIGH |
User interaction | NONE |
Scope | UNCHANGED |
Confidentiality | NONE |
Integrity impact | NONE |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | Stream | linux-lts | Unknown (6.1.33-r0) |
References
- https://bugzilla.suse.com/show_bug.cgi?id=1211597
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=804ca14d04df09bf7924bacc5ad22a4bed80c94f
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dbe245cdf5189e88d680379ed13901356628b650
- https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
- https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
- https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%[email protected]/T/
- https://security.netapp.com/advisory/ntap-20230622-0006/