CVE-2023-26544

Sažetak

In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.

Reference

https://bugzilla.suse.com/show_bug.cgi?id=1208697
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=887bfc546097fbe8071dac13b2fef73b77920899
https://lkml.org/lkml/2023/2/20/128
https://security.netapp.com/advisory/ntap-20230316-0010/
https://bugzilla.suse.com/show_bug.cgi?id=1208697
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=887bfc546097fbe8071dac13b2fef73b77920899
https://lkml.org/lkml/2023/2/20/128
https://security.netapp.com/advisory/ntap-20230316-0010/

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

05-05-2025 - 16:15

Objavljeno

25-02-2023 - 04:15