CVE-2023-1611

Published Apr 3, 2023

Last updated 10 days ago

CVSS medium 6.3

Overview

Description: A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.3
Impact score: 5.2
Exploitability score: 1
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Severity: MEDIUM

Weaknesses

secalert@redhat.com: CWE-416
nvd@nist.gov: CWE-416

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4528DBDD-F4E2-42CB-A24E-94F8669AB405",
            "versionEndExcluding": "5.10.177",
            "versionStartIncluding": "2.6.13"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "35F48AA0-B61E-4650-837F-1DABC0338F21",
            "versionEndExcluding": "5.15.106",
            "versionStartIncluding": "5.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "168D4F38-A434-4148-B81D-D0B3C4E78204",
            "versionEndExcluding": "6.1.23",
            "versionStartIncluding": "6.1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5178A008-E2D6-4093-BCD4-8A80523EE39E",
            "versionEndExcluding": "6.2.10",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F76C298-81DC-43E4-8FC9-DC005A2116EF"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21D6F467-B848-453E-B1A4-BEF940E413A6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC271202-7570-4505-89A4-D602D47BFD00"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D413BB6D-4F74-4C7D-9163-47786619EF53"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References