Vulnerability Description
A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.36, < 4.14.308 |
Related Weaknesses (CWE)
References
- https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe1PatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20230413-0003/Third Party Advisory
- https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe1PatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00006.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20230413-0003/Third Party Advisory
FAQ
What is CVE-2023-1118?
CVE-2023-1118 is a vulnerability with a CVSS score of 7.8 (HIGH). A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potenti...
How severe is CVE-2023-1118?
CVE-2023-1118 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1118?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.