← voltar
CVE-2023-2007

CVE-2023-2007

EPSS 0.3%CWE-367
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
24 abr 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
Produtos afetados
n/a · Linux kernel's DPT I2O Controller driver

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/torvalds/linux/commit/b04e75a4a8a81887386a0d2dbf605a48e779d2a0https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlhttps://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlhttps://security.netapp.com/advisory/ntap-20240119-0011/https://www.debian.org/security/2023/dsa-5480