VDB
CVE-2023-4949
CVE-2023-4949
PUBLISHED
CVSS 8.100000381469727 HIGH
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
EPSS 0.04% · 13.8th percentile
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H
EPSS Score
0.04%
13.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| xen | xen | |
| gnu | grub | 0, 0 |
| Free Software Foundation | Grub-Legacy | 0, 0 |
Exploit Intelligence
Timeline
- Nov 10, 2023 CVE Published
- Nov 11, 2023 EPSS Score
- Dec 11, 2023 EPSS Score
- Jan 11, 2024 EPSS Score
- Feb 10, 2024 EPSS Score
- Mar 11, 2024 EPSS Score
- Apr 11, 2024 EPSS Score
- May 11, 2024 EPSS Score
- Jun 10, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 10, 2024 EPSS Score
- Sep 9, 2024 EPSS Score