CVSS 3.1 Score 9.8 of 10 (high)


Published Dec 4, 2023
Updated: Dec 22, 2023


CVE-2023-21164 is a cyber vulnerability that has been assigned a risk score of 65. It is classified as a critical vulnerability with a base score of 9.8. This vulnerability affects the DevmemIntMapPMR in devicemem_server.c and can result in arbitrary code execution due to a use after free issue. The exploit does not require user interaction and can lead to local escalation of privilege in the kernel without requiring additional execution privileges. The potential impact of this vulnerability is high, with the possibility of compromising integrity, confidentiality, and availability of affected systems. It is recommended to apply remediation measures promptly to mitigate the risk posed by this vulnerability.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21164 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options