1. Home
  2. Vulnerabilities
  3. CVE-2023-21400

CVE-2023-21400

CVSS v3.1 6.7 (Medium)
67% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 2
Advisories 15
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

Weaknesses
CWE-667
Improper Locking
CVE Status
PUBLISHED
CNA
Android (associated with Google Inc. or Open Handset Alliance)
Published Date
2023-07-13 00:15:24
(14 months ago)
Updated Date
2024-01-19 16:15:08
(8 months ago)

Affected Products

Debian

Google

Configuration #1

    CPE23 From Up To
  Google Android cpe:2.3:o:google:android:-

Configuration #2

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0
  Debian Linux 11.0 cpe:2.3:o:debian:debian_linux:11.0