CVE-2023-4732

CWE-366 CWE-362 — Race Condition7 documents7 sources

Severity

4.7MEDIUM

EPSS

0.0%

top 97.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Redhat Codeready Linux Builder Redhat Codeready Linux Builder FOR Arm64 +7 more

Timeline

PublishedOct 3

Description

A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel5.13.19

▶Debianlinux< 5.10.70-1+3

▶NVDredhat/codeready_linux_builder8.0

Also affects: Enterprise Linux 8.0

🔴Vulnerability Details

OSV

CVE-2023-4732: A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel↗2023-10-03

▶

CVEList

Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h↗2023-10-03

▶

GHSA

GHSA-c9mw-vpxm-p7rq: A flaw was found in the Linux Kernel's memory management subsytem↗2023-10-03

▶

💥Exploits & PoCs

Nuclei

Mlflow - Cross-Site Scripting

▶

📋Vendor Advisories

Red Hat

kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h↗2023-09-02

▶

Debian

CVE-2023-4732: linux - A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the...↗2023

▶