Vulnerabilities

CVE-2024-0582

by Fred · 16/01/2024

A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.

More information : http://www.openwall.com/lists/oss-security/2024/04/24/3

Attack vector : LOCAL
Attack complexity : LOW
Privileges required : LOW
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 7.8
Base severity : HIGH
Exploitability score : 1.8
Impact score : 5.9

Similar

Tags: Cybersecurity Alert