Vulnerability Details : CVE-2023-6560
An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.
Vulnerability category: Overflow
Products affected by CVE-2023-6560
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-6560
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-6560
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
Red Hat, Inc. |
CWE ids for CVE-2023-6560
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
-
The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.Assigned by: secalert@redhat.com (Secondary)
References for CVE-2023-6560
-
https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/
[1/8] io_uring: don't allow discontig pages for IORING_SETUP_NO_MMAP - PatchworkMailing List;Patch
-
https://access.redhat.com/security/cve/CVE-2023-6560
CVE-2023-6560- Red Hat Customer PortalThird Party Advisory
-
http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html
io_uring __io_uaddr_map() Dangerous Multi-Page Handling ≈ Packet Storm
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/
[SECURITY] Fedora 39 Update: kernel-6.6.6-200.fc39 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/
[SECURITY] Fedora 38 Update: kernel-6.6.6-100.fc38 - package-announce - Fedora Mailing-Lists
-
https://bugzilla.redhat.com/show_bug.cgi?id=2253249
2253249 – (CVE-2023-6560) CVE-2023-6560 kernel: io_uring out of boundary memory access in __io_uaddr_map()Issue Tracking
Jump to