CVE-2023-22998

CVSS V2 None CVSS V3 None
Description
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).
Overview
  • CVE ID
  • CVE-2023-22998
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2023-02-28T21:15:12
  • Last Modified Date
  • 2023-05-03T01:15:13
Weakness Enumerations
CWE URL
CWE-436 http://cwe.mitre.org/data/definitions/436.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 1 OR 6.0.3
References
Reference URL Reference Tags
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3 Release Notes
https://github.com/torvalds/linux/commit/c24968734abfed81c8f93dc5f44a7b7a9aecadfa Patch
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-22998
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22998
History
Created Old Value New Value Data Type Notes
2023-04-17 05:44:59 Added to TrackCVE
2023-04-17 05:45:01 Weakness Enumeration new
2023-05-03 02:02:43 2023-05-03T01:15:13 CVE Modified Date updated
2023-05-03 02:02:44 Analyzed Modified Vulnerability Status updated
2023-05-03 02:02:54 References updated