CVE-2023-40791

Updated: 2024-01-04 19:03:16.787129

Description:

extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 6.3

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 6.3 MEDIUM Not Vulnerable 2024-01-19 13:10:34
AlmaLinux 9.2 FIPS kernel 5.14.0 6.3 MEDIUM Not Vulnerable 2024-01-19 13:09:38
CentOS 6 ELS kernel 2.6.32 6.3 MEDIUM Not Vulnerable 2023-12-26 13:12:31
CentOS 7 ELS kernel 3.10.0 6.3 MEDIUM Not Vulnerable 2023-11-03 05:08:03
CentOS 8.4 ELS kernel 4.18.0 6.3 MEDIUM Not Vulnerable 2023-11-18 13:10:41
CentOS 8.5 ELS kernel 4.18.0 6.3 MEDIUM Not Vulnerable 2023-11-18 13:10:41
CloudLinux 6 ELS kernel 2.6.32 6.3 MEDIUM Needs Triage 2023-10-21 00:23:30
Oracle Linux 6 ELS kernel 2.6.32 6.3 MEDIUM Not Vulnerable 2023-12-26 13:12:31
Ubuntu 16.04 ELS linux-hwe 4.15.0 6.3 MEDIUM Not Vulnerable 2023-10-26 11:09:44
Ubuntu 16.04 ELS linux 4.4.0 6.3 MEDIUM Not Vulnerable 2023-10-26 11:09:41
Total: 11