Description

A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information

Related CPE's

o

linux

linux_kernel

3

References

https://access.redhat.com/security/cve/CVE-2023-4394

Issue TrackingThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2219263

Issue TrackingPatchThird Party Advisory

https://patchwork.kernel.org/project/linux-btrfs/patch/[email protected]/

Mailing ListPatchVendor Advisory

https://access.redhat.com/security/cve/CVE-2023-4394

Issue TrackingThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2219263

Issue TrackingPatchThird Party Advisory

https://patchwork.kernel.org/project/linux-btrfs/patch/[email protected]/

Mailing ListPatchVendor Advisory

Weaknesses

[email protected]

Secondary
CWE-400

[email protected]

Primary
CWE-416

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.7 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-17T11:15:11.543Z

2 years ago

Last modified

2024-11-21T07:35:03.423Z

1 year ago