CVE-2023-3141

A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.

Published: Jun 9, 2023
Updated: Nov 8, 2023
CVE: CVE-2023-3141
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	4.20	5.4.244
linux / linux_kernel	4.15	4.19.284
linux / linux_kernel	6.2	6.3.4
linux / linux_kernel	5.16	6.1.30
linux / linux_kernel	5.11	5.15.113
linux / linux_kernel	5.5	5.10.181
linux / linux_kernel	2.6.39	4.14.316
netapp / hci_baseboard_management_controller	h300s	h300s.x
netapp / hci_baseboard_management_controller	h500s	h500s.x
netapp / hci_baseboard_management_controller	h700s	h700s.x
netapp / hci_baseboard_management_controller	h410s	h410s.x
netapp / hci_baseboard_management_controller	h410c	h410c.x
debian / debian_linux	10.0	10.0.x

Vulnerability Database

289,599

CVE-2023-3141