Vulnerability CVE-2023-45863: Information

Description

An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.

Severity: MEDIUM (6.4) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-45863
Published: Oct. 15, 2023
Modified: Jan. 12, 2024
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-rpi-unsisyphus6.6.23-alt16.6.23-alt1ALT-PU-2024-6818-2345422Fixed
kernel-image-rpi-unp116.6.23-alt16.6.23-alt1ALT-PU-2024-6818-2345422Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb2a01caa813d3a1845d378bbe4169ef280d394
  • Mailing List
  • Patch
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3
  • Release Notes
[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update
    [debian-lts-announce] 20240111 [SECURITY] [DLA 3711-1] linux-5.10 security update

        1. Configuration 1

          cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
          End excliding
          6.2.3
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.3
      Back to top