CVE-2023-4611

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Aug 29, 2023
Updated: Nov 7, 2023
CWE ID 400

Summary

CVE-2023-4611 is a use-after-free vulnerability identified in the memory management subsystem of the Linux Kernel, specifically in mm/mempolicy.c. This issue arises from a race condition between mbind() and VMA-locked page faults. A local attacker can exploit this flaw to cause a system crash or potentially obtain sensitive kernel information.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Vmware Rabbitmq

Affected Vendors

  • VMware Inc.