CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2598

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.7%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2023-2598

Netapp » Hci Baseboard Management Controller » Version: h300s

cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s
Netapp » Hci Baseboard Management Controller » Version: h410c

cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c
Netapp » Hci Baseboard Management Controller » Version: h410s

cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s
Netapp » Hci Baseboard Management Controller » Version: h500s

cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s
Netapp » Hci Baseboard Management Controller » Version: h700s

cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s
Linux » Linux Kernel » Version: 6.3

cpe:2.3:o:linux:linux_kernel:6.3
Linux » Linux Kernel » Version: 6.3.1

cpe:2.3:o:linux:linux_kernel:6.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2598

Products

Pricing

Contact Us