CVE-2023-2141
published 2023-04-21CVE-2023-2141: An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
PriorityP354high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.04%
59.8th percentile
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 3ds | delmia_apriso | 2017 – 2022 | — |
| dassault_syst_mes | delmia_apriso | — | — |
| dassault_syst_mes | delmia_apriso | Apriso 2017 Golden – Apriso 2017 SP7 | — |
| dassault_syst_mes | delmia_apriso | Apriso 2018 Golden – Apriso 2018 SP4 | — |
| dassault_syst_mes | delmia_apriso | Apriso 2019 Golden – Apriso 2019 SP5 | — |
| dassault_syst_mes | delmia_apriso | Apriso 2020 Golden – Apriso 2020 SP4 | — |
| dassault_syst_mes | delmia_apriso | Apriso 2021 Golden – Apriso 2021 SP2 | — |
| linux | linux_kernel | >= 0 < 5.10.181 | 5.10.181 |
| linux | linux_kernel | >= 5.11.0 < 5.15.113 | 5.15.113 |
| linux | linux_kernel | >= 5.16.0 < 6.1.30 | 6.1.30 |
| linux | linux_kernel | >= 6.2.0 < 6.3.4 | 6.3.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
osv·2025-12-09
CVE-2023-53835 ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
In the Linux kernel, the following vulnerability has been resolved:
ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled
When a file system currently mounted read/only is remounted
read/write, if we clear the SB_RDONLY flag too early, before the quota
is initialized, and there is another process/thread constantly
attempting to create a directory, it's possible to trigger the
WARN_ON_ONCE(dquot_initialize_needed(inode));
in ext4_xattr_block_set(), with the following stack trace:
WARNING: CPU: 0 PID: 5338 at fs/ext4/xattr.c:2141 ext4_xattr_block_set+0x2ef2/0x3680
RIP: 0010:ext4_xattr_block_set+0x2ef2/0x3680 fs/ext4/xattr.c:2141
Call Trace:
ext4_xattr_set_handle+0xcd4/0x15c0 fs/ext4/xattr.c:24
GHSA
GHSA-4c8v-cr5p-rp5v: An unsafe
ghsa_unreviewed·2023-04-21
CVE-2023-2141 [HIGH] CWE-502 GHSA-4c8v-cr5p-rp5v: An unsafe
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-04-21
Published