CVE-2023-4389 — Double Free in Kernel

CWE-415 — Double Free CWE-416 — Use After Free CWE-200 — Sensitive Information Exposure CWE-312 — Cleartext Storage of Sensitive Info CWE-359 — Exposure of Private Personal Information to an Unauthorized Actor7 documents7 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 95.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Nautobot Debian Linux +1 more

Timeline

PublishedAug 16

Latest updateOct 24

Description

A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages5 packages

▶NVDlinux/linux_kernel5.7 — 5.10.112+2

▶Debianlinux/linux_kernel< 5.10.113-1+3

▶msrcmsrc/cbl2_kernel_5.15.126.1-1_on_cbl_mariner_2.0

▶debiandebian/linux< linux 5.17.6-1 (bookworm)

▶PyPInautobot/nautobot2.0.0 — 2.0.3

Patches

Patch: patchwork.kernel.org ↗Patch: patchwork.kernel.org ↗

🔴Vulnerability Details

GHSA

Nautobot vulnerable to exposure of hashed user passwords via REST API↗2023-10-24

▶

GHSA

GHSA-4g3m-89jh-2mrf: A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io↗2023-08-16

▶

OSV

CVE-2023-4389: A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io↗2023-08-16

▶

📋Vendor Advisories

Microsoft

Kernel: btrfs: double free in btrfs_get_root_ref()↗2023-08-08

▶

Debian

CVE-2023-4389: linux - A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesy...↗2023

▶

Red Hat

kernel: btrfs: double free in btrfs_get_root_ref()↗2022-03-24

▶