Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-1476


A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.


Published

2023-11-03T09:15:13.393

Last Modified

2024-11-21T07:39:16.030

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.0 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-416
  • Type: Primary
    CWE-416

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System linux linux_kernel < 5.14 Yes
Operating System redhat enterprise_linux 8.0 Yes
Operating System redhat enterprise_linux_eus 8.8 Yes
Operating System redhat enterprise_linux_for_power_little_endian 8.0_ppc64le Yes
Operating System redhat enterprise_linux_for_power_little_endian_eus 8.8_ppc64le Yes
Operating System redhat enterprise_linux_server_tus 8.8 Yes

References