Description
A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information
Related CPE's
o
linux
linux_kernel
3
References
https://access.redhat.com/security/cve/CVE-2023-4394
Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2219263
Issue TrackingPatchThird Party Advisory
https://patchwork.kernel.org/project/linux-btrfs/patch/[email protected]/
Mailing ListPatchVendor Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
6 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-08-17T13:15:11.543
11 months agoLast modified
2023-11-07T04:22:31.487
8 months ago