Podatność CVE-2023-6560


Publikacja: 2023-12-09   Modyfikacja: 2023-12-14

Opis:
An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
io_uring __io_uaddr_map() Dangerous Multi-Page Handling
Jann Horn
10.01.2024

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Affected software
Linux -> Linux kernel 

 Referencje:
https://access.redhat.com/security/cve/CVE-2023-6560
https://bugzilla.redhat.com/show_bug.cgi?id=2253249
https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/

Copyright 2024, cxsecurity.com

 

Back to Top