Linux Kernel UAF in vc_screen.c allows local crash/leak
CVE-2023-3567 Published on July 24, 2023

Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-3567 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

HIGH

Timeline

2023-04-13

Reported to Red Hat.

2023-01-14

Made public.

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2023-3567 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2023-3567

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-3567 are published in these products:

Linux Kernel

Red Hat Enterprise Linux (RHEL)

Canonical Ubuntu Linux

Red Hat Rhel Eus

Red Hat Rhev Hypervisor

Affected Versions

Red Hat Enterprise Linux 8:

Version 0:4.18.0-553.rt7.342.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:4.18.0-553.el8_10 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Extended Update Support:

Version 0:4.18.0-372.87.1.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Extended Update Support:

Version 0:4.18.0-477.43.1.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:5.14.0-427.13.1.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:5.14.0-427.13.1.el9_4 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Extended Update Support:

Version 0:5.14.0-70.85.1.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Extended Update Support:

Version 0:5.14.0-70.85.1.rt21.156.el9_0 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Extended Update Support:

Version 0:5.14.0-284.48.1.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Extended Update Support:

Version 0:5.14.0-284.48.1.rt14.333.el9_2 and below * is unaffected.

Red Hat Virtualization 4 for Red Hat Enterprise Linux 8:

Version 0:4.18.0-372.87.1.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 9:

Exploit Probability

EPSS

0.01%

Percentile

0.64%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Linux Kernel UAF in vc_screen.c allows local crash/leakCVE-2023-3567 Published on July 24, 2023