CVE-2023-45898
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Oct 16, 2023
Updated: Nov 7, 2023
CWE ID 416
Summary
CVE-2023-45898 is a newly disclosed vulnerability affecting the Linux kernel version prior to 6.5.4. This issue leads to a use-after-free condition in the ext4 file system, specifically in the extents_status.c file, during the ext4_es_insert_extent function execution. Exploitation of this vulnerability could potentially allow attackers to execute arbitrary code with kernel privileges, resulting in a serious security risk for affected systems. System administrators are advised to upgrade their Linux kernels as soon as possible to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Linux Kernel
Affected Vendors
- LINUX