VDB
CVE-2023-4385
CVE-2023-4385
PUBLISHED
Es besteht eine Schwachstelle im Linux-Kernel. Dieser Fehler besteht in "dbFree" in "fs/jfs/jfs_dmap.c" im Journaling File System (JFS) aufgrund einer NULL-Zeiger-Dereferenz, aufgrund einer fehlenden Plausibilitätsprüfung besteht. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
EPSS 0.01% · 1.0th percentile
Risk Scores
EPSS Score
0.01%
1.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell NetWorker vProxy< 19.10 | |
| Ubuntu | Ubuntu Linux | |
| SUSE | SUSE Linux | |
| Dell | Dell NetWorker vProxy< 19.9.0.4 |
Timeline
- Aug 16, 2023 CVE Published
- Aug 18, 2023 EPSS Score
- Sep 20, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Nov 26, 2023 EPSS Score
- Dec 29, 2023 EPSS Score
- Jan 31, 2024 EPSS Score
- Mar 5, 2024 EPSS Score
- Apr 7, 2024 EPSS Score
- May 10, 2024 EPSS Score
- Jun 12, 2024 EPSS Score
- Jul 16, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2077.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2077 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2219272 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016153.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016222.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016208.html advisory
- https://ubuntu.com/security/notices/USN-6388-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016214.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016211.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016233.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016326.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016622.html advisory
- https://www.dell.com/support/kbdoc/de-de/000221476/dsa-2024-058-security-update-for-dell-networker-vproxy-multiple-components-vulnerabilities advisory