CVE-2023-3269

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-3269
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3269.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-3269
Downstream
Related
Published
2023-07-11T12:15:10.047Z
Modified
2026-02-13T08:58:49.384441Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

References

Affected packages

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
7614896350aa20764c5eca527262d9eb0a57da63
Fixed
0f4ac6b4c5f00f45b7a429c8a5b028a598c6400c
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
429cff33b400edd76fc4d5e470742812a44fbc91

Affected versions

v6.*
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.3.1
v6.3.10
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.3.8
v6.3.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3269.json"