CVE-2023-0459
CVSS v3.1
5.5 (Medium)
EPSS
0.04 % (10th)
Affected Products
1
Advisories
41
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47
Weaknesses
- CWE-763
- Release of Invalid Pointer or Reference
- CVE Status
- PUBLISHED
- CNA
- Google Inc.
- Published Date
-
2023-05-25 14:15:09
(16 months ago) - Updated Date
-
2023-06-06 13:47:53
(15 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...