ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
- CVEs
- Documentation
ELS for Languages
- CVEs
- Releases
- Projects
- Documentation

CVE-2023-4387

Updated: 2023-11-07 20:23:38.889661

Description:

A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.

Links	NIST	CIRCL	RHEL	Ubuntu

Severity

	Severity	Score
CVSS Version 2.x		0
CVSS Version 3.x	HIGH	7.1

Status

OS name	Project name	Version	Score	Severity	Status	Errata	Last updated
AlmaLinux 9.2 ESU	kernel	5.14.0	7.1	HIGH	Needs Triage		2023-11-07 16:18:29
AlmaLinux 9.2 FIPS	kernel	5.14.0	7.1	HIGH	Needs Triage		2023-11-20 10:13:37
CentOS 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable		2023-08-26 03:59:57
CentOS 7 ELS	kernel	3.10.0	7.1	HIGH	Needs Triage		2023-09-18 17:13:50
CentOS 8.4 ELS	kernel	4.18.0	7.1	HIGH	Released	CLSA-2023:1695715460	2023-09-26 05:08:34
CentOS 8.5 ELS	kernel	4.18.0	7.1	HIGH	Released	CLSA-2023:1695716575	2023-09-26 05:08:35
CloudLinux 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable		2023-08-26 03:59:57
Oracle Linux 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable		2023-08-26 03:59:57
Ubuntu 16.04 ELS	linux	4.4.0	7.1	HIGH	Released	CLSA-2023:1693333574	2023-08-29 17:06:09
Ubuntu 16.04 ELS	linux-hwe	4.15.0	7.1	HIGH	Released		2023-08-26 09:16:10

Total: 11