CVE-2023-3141
published 2023-06-09CVE-2023-3141: A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash…
high7.1CVSS 3.1
AVLACLPRLUINSUCHINAH
A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.37-1 (bookworm) | linux 6.1.37-1 (bookworm) |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.191-1 | 5.10.191-1 |
| linux | linux_kernel | >= 0 < 6.1.37-1 | 6.1.37-1 |
| linux | linux_kernel | >= 0 < 6.3.7-1 | 6.3.7-1 |
| linux | linux_kernel | >= 0 < 6.3.7-1 | 6.3.7-1 |
| linux | linux_kernel | >= 0 < 5.4.0-156.173 | 5.4.0-156.173 |
| linux | linux_kernel | >= 0 < 5.15.0-79.86 | 5.15.0-79.86 |
| linux | linux_kernel | >= 0 < 4.4.0-243.277 | 4.4.0-243.277 |
| linux | linux_kernel | >= 0 < 4.15.0-214.225 | 4.15.0-214.225 |
| linux | linux_kernel | >= 2.6.39 < 4.14.316 | 4.14.316 |
| linux | linux_kernel | >= 4.15 < 4.19.284 | 4.19.284 |
| linux | linux_kernel | >= 4.20 < 5.4.244 | 5.4.244 |
| linux | linux_kernel | >= 5.11 < 5.15.113 | 5.15.113 |
| linux | linux_kernel | >= 5.16 < 6.1.30 | 6.1.30 |
| linux | linux_kernel | >= 5.5 < 5.10.181 | 5.10.181 |
| linux | linux_kernel | >= 6.2 < 6.3.4 | 6.3.4 |
| msrc | cbl2_kernel_5.15.116.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| netapp | hci_baseboard_management_controller | — | — |
| netapp | hci_baseboard_management_controller | — | — |
| netapp | hci_baseboard_management_controller | — | — |
| netapp | hci_baseboard_management_controller | — | — |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
osv7.8HIGH