CVE-2023-7258
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-7258
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-7258.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-7258
- Downstream
- Published
- 2024-05-15T17:15:09.987Z
- Modified
- 2025-11-20T12:23:00.064363Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6
- References
Affected packages
Git / github.com/google/gvisor
Affected ranges
- Type
- GIT
- Repo
- https://github.com/google/gvisor
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
release-20190304.*
release-20190304.1
release-20190529.*
release-20190529.1
release-20190722.*
release-20190722.1
release-20190806.*
release-20190806.1
release-20191104.*
release-20191104.0
release-20191114.*
release-20191114.0
release-20191129.*
release-20191129.0
release-20191210.*
release-20191210.0
release-20191213.*
release-20191213.0
release-20200115.*
release-20200115.0
release-20200127.*
release-20200127.0
release-20200211.*
release-20200211.0
release-20200219.*
release-20200219.0
release-20200323.*
release-20200323.0
release-20200413.*
release-20200413.0
release-20200422.*
release-20200422.0
release-20200511.*
release-20200511.0
release-20200518.*
release-20200518.0
release-20200522.*
release-20200522.0
release-20200601.*
release-20200601.0
release-20200608.*
release-20200608.0
release-20200622.*
release-20200622.1
release-20200804.*
release-20200804.0
release-20200810.*
release-20200810.0
release-20200818.*
release-20200818.0
release-20200907.*
release-20200907.0
release-20200914.*
release-20200914.0
release-20200921.*
release-20200921.0
release-20200928.*
release-20200928.0
release-20201005.*
release-20201005.0
release-20201012.*
release-20201012.0
release-20201019.*
release-20201019.0
release-20201027.*
release-20201027.0
release-20201030.*
release-20201030.0
release-20201109.*
release-20201109.0
release-20201117.*
release-20201117.0
release-20201130.*
release-20201130.0
release-20201208.*
release-20201208.0
release-20201216.*
release-20201216.0
release-20210112.*
release-20210112.0
release-20210121.*
release-20210121.1
release-20210125.*
release-20210125.0
release-20210201.*
release-20210201.0
release-20210208.*
release-20210208.0
release-20210301.*
release-20210301.0
release-20210309.*
release-20210309.0
release-20210315.*
release-20210315.0
release-20210322.*
release-20210322.0
release-20210408.*
release-20210408.0
release-20210412.*
release-20210412.0
release-20210419.*
release-20210419.0
release-20210503.*
release-20210503.0
release-20210510.*
release-20210510.0
release-20210518.*
release-20210518.0
release-20210601.*
release-20210601.0
release-20210607.*
release-20210607.0
release-20210614.*
release-20210614.0
release-20210622.*
release-20210622.0
release-20210628.*
release-20210628.0
release-20210705.*
release-20210705.0
release-20210712.*
release-20210712.0
release-20210720.*
release-20210720.0
release-20210726.*
release-20210726.0
release-20210806.*
release-20210806.0
release-20210816.*
release-20210816.0
release-20210823.*
release-20210823.0
release-20210830.*
release-20210830.0
release-20210906.*
release-20210906.0
release-20210921.*
release-20210921.0
release-20210927.*
release-20210927.0
release-20211005.*
release-20211005.0
release-20211011.*
release-20211011.0
release-20211019.*
release-20211019.0
release-20211026.*
release-20211026.0
release-20211101.*
release-20211101.0
release-20211108.*
release-20211108.0
release-20211115.*
release-20211115.0
release-20211122.*
release-20211122.0
release-20211129.*
release-20211129.0
release-20220103.*
release-20220103.0
release-20220117.*
release-20220117.0
release-20220124.*
release-20220124.0
release-20220131.*
release-20220131.0
release-20220208.*
release-20220208.0
release-20220214.*
release-20220214.0
release-20220221.*
release-20220221.0
release-20220222.*
release-20220222.0
release-20220228.*
release-20220228.0
release-20220309.*
release-20220309.0
release-20220314.*
release-20220314.0
release-20220321.*
release-20220321.0
release-20220328.*
release-20220328.0
release-20220405.*
release-20220405.0
release-20220411.*
release-20220411.0
release-20220418.*
release-20220418.0
release-20220425.*
release-20220425.0
release-20220502.*
release-20220502.1
release-20220510.*
release-20220510.0
release-20220516.*
release-20220516.0
release-20220606.*
release-20220606.0
release-20220621.*
release-20220621.0
release-20220627.*
release-20220627.0
release-20220704.*
release-20220704.0
release-20220713.*
release-20220713.0
release-20220718.*
release-20220718.0
release-20220801.*
release-20220801.0
release-20220808.*
release-20220808.0
release-20220815.*
release-20220815.0
release-20220822.*
release-20220822.0
release-20220905.*
release-20220905.0
release-20220913.*
release-20220913.0
release-20220919.*
release-20220919.0
release-20220926.*
release-20220926.0
release-20221003.*
release-20221003.0
release-20221010.*
release-20221010.0
release-20221017.*
release-20221017.0
release-20221026.*
release-20221026.0
release-20221102.*
release-20221102.1
release-20221107.*
release-20221107.0
release-20221122.*
release-20221122.0
release-20221128.*
release-20221128.0
release-20221205.*
release-20221205.0
release-20221212.*
release-20221212.0
release-20221219.*
release-20221219.0
release-20230102.*
release-20230102.0
release-20230109.*
release-20230109.0
release-20230118.*
release-20230118.0
release-20230123.*
release-20230123.0
release-20230130.*
release-20230130.0
release-20230214.*
release-20230214.0
release-20230227.*
release-20230227.0
release-20230306.*
release-20230306.0
release-20230313.*
release-20230313.0
release-20230320.*
release-20230320.0
release-20230327.*
release-20230327.0
release-20230417.*
release-20230417.0
release-20230501.*
release-20230501.0
release-20230508.*
release-20230508.0
release-20230517.*
release-20230517.0
release-20230522.*
release-20230522.0
release-20230529.*
release-20230529.0
release-20230605.*
release-20230605.0
release-20230621.*
release-20230621.0
release-20230627.*
release-20230627.0
release-20230710.*
release-20230710.0
release-20230717.*
release-20230717.0
release-20230724.*
release-20230724.0
release-20230731.*
release-20230731.0
release-20230801.*
release-20230801.0
release-20230807.*
release-20230807.0
release-20230814.*
release-20230814.0
release-20230823.*
release-20230823.0
release-20230904.*
release-20230904.0
release-20230911.*
release-20230911.0
release-20230920.*
release-20230920.0
release-20230925.*
release-20230925.0
release-20231003.*
release-20231003.0
release-20231009.*
release-20231009.0
release-20231016.*
release-20231016.0
release-20231023.*
release-20231023.0
release-20231030.*
release-20231030.0
release-20231106.*
release-20231106.0
release-20231113.*
release-20231113.0
release-20231120.*
release-20231120.0
Database specific
vanir_signatures
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"269802285469074608123542573705608135095",
"15643295923371110299552405570464642109",
"30707538532061579888770222677221965848",
"140833348707707780581757800415215888964",
"311327337334935848450225604739890492340",
"228271758042552947232133433063952989862",
"168102985027651801616458849826001019691",
"95541713137360941677230737423589630070",
"328970649726918352133359352452513874559",
"108587633537507210242609878158511307392"
]
},
"id": "CVE-2023-7258-8c75cc02",
"source": "https://github.com/google/gvisor/commit/6a112c60a257dadac59962e0bc9e9b5aee70b5b6",
"signature_type": "Line",
"target": {
"file": "test/syscalls/linux/mount.cc"
},
"signature_version": "v1",
"deprecated": false
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-7258.json"