CVE-2023-6560

CVSS V2 None CVSS V3 None

Description

An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

Overview

CVE ID
CVE-2023-6560

Assigner
redhat

Vulnerability Status
PUBLISHED

Published Version
2023-12-08T23:56:55.211Z

Last Modified Date
2024-01-23T02:07:14.972Z

Weakness Enumerations

CWE	URL
CWE-823	http://cwe.mitre.org/data/definitions/823.html

References

Reference URL	Reference Tags
http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html
https://access.redhat.com/security/cve/CVE-2023-6560	vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2253249	issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/
https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-6560
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6560

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 06:22:52				Added to TrackCVE