TROYANOSYVIRUS
Back to CVEs

CVE-2023-21400

MEDIUM
6.7

Description

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

CVE Details

CVSS v3.1 Score6.7
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published7/13/2023
Last Modified2/13/2025
Sourcenvd
Honeypot Sightings0

Affected Products

debian:debian_linuxgoogle:android

Weaknesses (CWE)

CWE-667

References

http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html(security@android.com)
http://www.openwall.com/lists/oss-security/2023/07/14/2(security@android.com)
http://www.openwall.com/lists/oss-security/2023/07/19/2(security@android.com)
http://www.openwall.com/lists/oss-security/2023/07/19/7(security@android.com)
http://www.openwall.com/lists/oss-security/2023/07/25/7(security@android.com)
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html(security@android.com)
https://security.netapp.com/advisory/ntap-20240119-0012/(security@android.com)
https://source.android.com/security/bulletin/pixel/2023-07-01(security@android.com)
https://www.debian.org/security/2023/dsa-5480(security@android.com)
http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/14/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/19/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/19/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/07/25/7(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240119-0012/(af854a3a-2127-422b-91ae-364da2661108)
https://source.android.com/security/bulletin/pixel/2023-07-01(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5480(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.