CVE-2023-1192
CVSS v3.1
6.5 (Medium)
EPSS
0.05 % (20th)
Affected Products
2
Advisories
25
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-11-01 20:15:08
(10 months ago) - Updated Date
-
2024-03-07 17:15:09
(6 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...