CVE-2023-6560 - OpenCVE

An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.7:rc4::::::

References

Link	Resource
http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html
https://access.redhat.com/security/cve/CVE-2023-6560	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2253249	Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/
https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/	Mailing List Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-12-08T23:56:55.211Z

Updated: 2024-01-23T02:07:14.972Z

Reserved: 2023-12-06T15:58:00.683Z

Link: CVE-2023-6560

JSON object: View

NVD Information

Status : Modified

Published: 2023-12-09T00:15:07.877

Modified: 2024-01-08T16:15:46.783

Link: CVE-2023-6560

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-6560", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-12-06T15:58:00.683Z", "datePublished": "2023-12-08T23:56:55.211Z", "dateUpdated": "2024-01-23T02:07:14.972Z"}, "containers": {"cna": {"title": "Kernel: io_uring out of boundary memory access in __io_uaddr_map()", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system."}], "affected": [{"product": "kernel", "vendor": "n/a", "versions": [{"version": "6.7-rc5", "status": "unaffected"}]}, {"product": "kernel", "vendor": "n/a", "defaultStatus": "affected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"product": "Fedora", "vendor": "Fedora", "collectionURL": "https://packages.fedoraproject.org/", "packageName": "kernel", "defaultStatus": "affected"}], "references": [{"url": "http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6560", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253249", "name": "RHBZ#2253249", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/"}, {"url": "https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/"}], "datePublic": "2023-11-30T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-823", "description": "Use of Out-of-range Pointer Offset", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-823: Use of Out-of-range Pointer Offset", "timeline": [{"lang": "en", "time": "2023-12-06T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-11-30T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-01-23T02:07:14.972Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "02843087-747A-4630-8CAA-21ADAC4A7612", "versionEndIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*", "matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*", "matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de acceso a memoria fuera de los l\u00edmites en la funcionalidad de anillos io_uring SQ/CQ en el kernel de Linux. Este problema podr\u00eda permitir que un usuario local bloquee el sistema."}], "id": "CVE-2023-6560", "lastModified": "2024-01-08T16:15:46.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-12-09T00:15:07.877", "references": [{"source": "secalert@redhat.com", "url": "http://packetstormsecurity.com/files/176405/io_uring-__io_uaddr_map-Dangerous-Multi-Page-Handling.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-6560"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253249"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AU4NHBDEDLRW33O76Y6LFECEYNQET5GZ/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UCQIPFUQXKXRCH5Y4RP3C5NK4IHNBNVK/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch"], "url": "https://patchwork.kernel.org/project/io-uring/patch/20231130194633.649319-2-axboe@kernel.dk/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-823"}], "source": "secalert@redhat.com", "type": "Secondary"}]}