CVSS Score of 10 (low)


Published Jul 6, 2023
Updated: Mar 25, 2024
CWE ID 416


CVE-2023-37454 is a vulnerability in the Linux kernel through version 6.4.2. It is a use-after-free write in the udf_put_super and udf_close_lvid functions in fs/udf/super.c, triggered when a crafted UDF filesystem image is used. This vulnerability affects multiple products including Qtrc2o, ohMfk4, Qtrc2i, ohMfk3, and many others. To remediate this issue, update to a patched version of the Linux kernel. This vulnerability poses a medium level of danger to organizations, as it can be exploited locally and may have a high impact on availability.

