mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-30 18:21:17 +00:00
40 lines
1.2 KiB
JSON
40 lines
1.2 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2023-2008",
|
||
|
|
"sourceIdentifier": "secalert@redhat.com",
|
||
|
|
"published": "2023-04-14T21:15:08.597",
|
||
|
|
"lastModified": "2023-04-17T22:15:10.077",
|
||
|
|
"vulnStatus": "Awaiting Analysis",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "secalert@redhat.com",
|
||
|
|
"type": "Secondary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-129"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186862",
|
||
|
|
"source": "secalert@redhat.com"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://github.com/torvalds/linux/commit/05b252cccb2e5c3f56119d25de684b4f810ba4",
|
||
|
|
"source": "secalert@redhat.com"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-441/",
|
||
|
|
"source": "secalert@redhat.com"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|