Updated: 2023-09-18
CWE: CWE-416: Use After Free
Description:
A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem.
CVSS3: 7.1
| OS | Vendor version | Errata |
|---|---|---|
| Amazon Linux 2 | 4.14.281-212.502.amzn2 | ALAS-2022-1798 |
| Amazon Linux 1 | 4.14.281-144.502.amzn1 | ALAS-2022-1591 |
| Ubuntu 16.04 ESM | 4.4.0-245.279 | USN-6388-1 |
| Ubuntu 20.04 AWS | 5.4.0-1085.92 | USN-5622-1 |
| Ubuntu 16.04 HWE ESM | 4.15.0-191.202~16.04.1 | USN-5560-2 |
| Ubuntu 16.04 AWS ESM | 4.4.0-1161.176 | USN-6388-1 |
| Ubuntu 16.04 GCP ESM | 4.15.0-1134.150~16.04.2 | USN-5560-2 |
| Ubuntu 16.04 AWS HWE ESM | 4.15.0-1139.150~16.04.1 | USN-5560-2 |
| Ubuntu 16.04 Azure ESM | 4.15.0-1149.164~16.04.1 | USN-5560-2 |
| Ubuntu 20.04 | 5.4.0-126.142 | USN-5622-1 |
| Ubuntu 14.04 HWE ESM | 4.4.0-245.279~14.04.1 | USN-6388-1 |
| Ubuntu 22.04 | 5.15.0-47.51 | USN-5594-1 |
| Ubuntu 22.04 AWS | 5.15.0-1019.23 | USN-5594-1 |
| Ubuntu 22.04 Azure | 5.15.0-1019.24 | USN-5594-1 |
| Debian 11 | 5.10.120-1 | DSA-5161-1 |
| Amazon Linux 2 5.10 | 5.10.118-111.515.amzn2 | ALASKERNEL-5.10-2022-014 |
| Amazon Linux 2 5.4 | 5.4.196-108.356.amzn2 | ALASKERNEL-5.4-2022-026 |
| Oracle Linux 6 UEK 4 | 4.1.12-124.79.2.el6uek | ELSA-2023-12842 |
| Oracle Linux 7 UEK 4 | 4.1.12-124.79.2.el7uek | ELSA-2023-12842 |
| OS | Original kernel version | State |
|---|---|---|
| Amazon Linux 2 | |
Will Not Fix |
| Amazon Linux 1 | |
Will Not Fix |
| Ubuntu 16.04 ESM | |
Will Not Fix |
| Ubuntu 20.04 AWS | |
Will Not Fix |
| Ubuntu 16.04 HWE ESM | |
Will Not Fix |
| Ubuntu 16.04 AWS ESM | |
Will Not Fix |
| Ubuntu 16.04 GCP ESM | |
Will Not Fix |
| Ubuntu 16.04 AWS HWE ESM | |
Will Not Fix |
| Ubuntu 16.04 Azure ESM | |
Will Not Fix |
| Ubuntu 20.04 | |
Will Not Fix |
| Ubuntu 14.04 HWE ESM | |
Will Not Fix |
| Ubuntu 22.04 | |
Will Not Fix |
| Ubuntu 22.04 AWS | |
Will Not Fix |
| Ubuntu 22.04 Azure | |
Will Not Fix |
| Debian 10 | |
Will Not Fix |
| Debian 11 | |
Will Not Fix |
| Amazon Linux 2 5.10 | |
Will Not Fix |
| Amazon Linux 2 5.4 | |
Will Not Fix |
| Oracle Linux 6 UEK 4 | |
Planned |
| Oracle Linux 7 UEK 4 | |
Planned |