Mend Vulnerability Database

Vulnerability DatabaseCVE-2023-4732

CVE-2023-4732

October 03, 2023

A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.

Related Resources (6)

https://access.redhat.com/errata/RHSA-2023:6901

https://access.redhat.com/errata/RHSA-2024:0412

https://access.redhat.com/errata/RHSA-2023:7077

https://bugzilla.redhat.com/show_bug.cgi?id=2236982

https://access.redhat.com/errata/RHSA-2023:7539

https://access.redhat.com/security/cve/CVE-2023-4732

Do you need more information?

CVSS v4

Base Score:

5.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

NONE

Vulnerable System Integrity

NONE

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

Race Condition within a Thread

CWE-366

EPSS

Base Score:

0.01

Products

Solutions

Resources

Company

Compare

Developer Tools