Vulnerability Description
A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some important data with expected location in memory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 6.2 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2023/07/28/1
- https://git.kernel.org/linus/97e3d26b5e5f371b3ee223d94dd123e6c442ba80Mailing ListPatch
- http://www.openwall.com/lists/oss-security/2023/07/28/1
- https://git.kernel.org/linus/97e3d26b5e5f371b3ee223d94dd123e6c442ba80Mailing ListPatch
- https://www.openwall.com/lists/oss-security/2023/07/28/1
FAQ
What is CVE-2023-0597?
CVE-2023-0597 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A loc...
How severe is CVE-2023-0597?
CVE-2023-0597 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-0597?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.