VDB
CVE-2023-25012
CVE-2023-25012
PUBLISHED
Es existiert eine Schwachstelle im Linux Kernel. Beim Anstecken eines manipulierten USB-Geräts kommt es zu einem Use-After-Free in "bigben_remove" in [drivers/hid/hid-bigbenff.c], da die LED-Controller zu lange registriert bleiben. Ein Angreifer kann diese Schwachstelle ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
EPSS 0.04% · 14.2th percentile
Risk Scores
EPSS Score
0.04%
14.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source Linux Kernel <= 6.1.9 | |
| Ubuntu | Ubuntu Linux | |
| Samsung | Samsung Android <= 13 | |
| Google Android 13 | ||
| SUSE | SUSE Linux | |
| Samsung | Samsung Android | |
| Oracle | Oracle Linux | |
| Debian | Debian Linux | |
| Google Android 12 | ||
| Google Android 12L | ||
| Google Android 11 |
Exploit Intelligence
Timeline
- Feb 1, 2023 CVE Published
- Feb 2, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 14, 2023 EPSS Score
- Apr 23, 2023 EPSS Score
- Jun 2, 2023 EPSS Score
- Aug 22, 2023 EPSS Score
- Oct 1, 2023 EPSS Score
- Nov 10, 2023 EPSS Score
- Dec 20, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0260.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0260 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-25012 advisory
- https://seclists.org/oss-sec/2023/q1/53 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014062.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014076.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014202.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014197.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-March/014289.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014435.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014442.html advisory
- https://ubuntu.com/security/notices/USN-6033-1 advisory
- https://ubuntu.com/security/notices/USN-6044-1 advisory
- https://ubuntu.com/security/notices/USN-6045-1 advisory
- https://ubuntu.com/security/notices/USN-6043-1 advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-June/015093.html advisory
- https://ubuntu.com/security/notices/USN-6171-1 advisory
- https://ubuntu.com/security/notices/USN-6172-1 advisory
- https://ubuntu.com/security/notices/USN-6187-1 advisory
…and 19 more