CVE-2023-1583
CVSS v3.1
5.5 (Medium)
EPSS
0.04 % (10th)
Affected Products
1
Advisories
6
A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. When fixed files are unregistered, some context information (file_alloc_{start,end} and alloc_hint) is not cleared. A subsequent request that has auto index selection enabled via IORING_FILE_INDEX_ALLOC can cause a NULL pointer dereference. An unprivileged user can use the flaw to cause a system crash.
Weaknesses
- CWE-476
- NULL Pointer Dereference
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-03-24 22:15:07
(18 months ago) - Updated Date
-
2023-08-02 17:08:56
(13 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...