CVE-2023-35826
Published: October 18, 2023Last modified: October 18, 2023
Description
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7 |
Attack Vector | LOCAL |
Attack complexity | HIGH |
Privileges required | LOW |
User interaction | NONE |
Scope | UNCHANGED |
Confidentiality | HIGH |
Integrity impact | HIGH |
Availability impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Status
Product | Release | Package | Status |
---|---|---|---|
Alpaquita Linux | Stream | linux-lts | Not affected (6.1.50-r0) |
References
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50d0a7aea4809cef87979d4669911276aa23b71f
- https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl/
- https://lore.kernel.org/all/[email protected]/
- https://lore.kernel.org/linux-arm-kernel/20230308032333.1893394-1-zyytlz.wz%40163.com/T/
- https://lore.kernel.org/linux-arm-kernel/[email protected]/T/
- https://security.netapp.com/advisory/ntap-20230803-0002/