CVE-2023-1838 — Use After Free in Kernel

CWE-416 — Use After Free10 documents9 sources

Severity

7.1HIGHNVD

OSV4.7

EPSS

0.0%

top 94.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Msrc Cbl2 Kernel 5.15.107.1-2 ON CBL Mariner 2.0 +5 more

Timeline

PublishedApr 5

Latest updateAug 19

Description

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages11 packages

▶NVDlinux/linux_kernel4.13 — 4.14.317+5

▶Debianlinux/linux_kernel< 5.10.120-1+3

▶Ubuntulinux/linux_kernel< 4.15.0-224.236

▶CVEListV5linux/linux_kernelLinux Kernel prior to kernel 5.18 25

▶msrcmsrc/cm1_kernel_5.10.177.1-1_on_cbl_mariner_1.0

🔴Vulnerability Details

OSV

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities↗2024-04-19

▶

GHSA

GHSA-rc9p-5gf8-h3m8: A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net↗2023-04-05

▶

OSV

CVE-2023-1838: A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net↗2023-04-05

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2024-04-19

▶

CISA ICS

Siemens SCALANCE XCM-/XRM-300↗2024-02-15

▶

Microsoft

▶

Debian

CVE-2023-1838: linux - A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c ...↗2023

▶

Red Hat

kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()↗2022-05-16

▶

📄Research Papers

arXiv

Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects↗2024-08-19

▶