CVE-2023-1073

Description

A memory corruption flaw was found in the Linux kernel’s human interface device (HID) subsystem in how a user inserts a malicious USB device. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Related CPE's

o linux linux_kernel -*******

o redhat enterprise_linux 7.0 *******

o redhat enterprise_linux 8.0 *******

o redhat enterprise_linux 9.0 *******

o fedoraproject fedora 37 *******

References

https://www.openwall.com/lists/osssecurity/2023/01/17/3

Broken Link

https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/id=b12fece4c64857e5fab4290bf01b2e0317a88456

Mailing ListPatch

https://bugzilla.redhat.com/show_bug.cgi?id=2173403

Issue TrackingThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io