Back to bug 2192589
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Alex | 2023-05-02 16:00:26 UTC | Doc Text | A flaw use-after-free in the Linux kernel Performance Events subsystem was found in the way user triggers simultaneously perf_group_detach function and remove_on_exec function. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |
| Alex | 2023-05-02 16:09:19 UTC | Depends On | 2192649 | |
| Alex | 2023-05-02 16:10:28 UTC | CC | jpoimboe, kpatch-maint, rhandlin | |
| Alex | 2023-05-02 16:20:19 UTC | Severity | medium | high |
| Priority | medium | high | ||
| Alex | 2023-05-02 16:25:19 UTC | Depends On | 2192658, 2192663, 2192653, 2192655, 2192661, 2192656, 2192654, 2192652, 2192651, 2192660, 2192659, 2192662, 2192657 | |
| RaTasha Tillery-Smith | 2023-05-02 18:47:01 UTC | Doc Text | A flaw use-after-free in the Linux kernel Performance Events subsystem was found in the way user triggers simultaneously perf_group_detach function and remove_on_exec function. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perf_group_detach and remove_on_exec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system. |
| Alex | 2023-05-24 10:57:22 UTC | CC | cwarfiel | |
| Summary | CVE-2023-2235 kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events | CVE-2023-2235 kernel: use-after-free vulnerability in the perf_group_detach function of the Linux K ernel Performance Events | ||
| Alex | 2023-05-24 10:59:38 UTC | Depends On | 2209647, 2209645, 2209646, 2209644 | |
| Joe Lawrence | 2023-05-24 13:15:54 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-05-25 07:41:56 UTC | Depends On | 2209895 | |
| Alex | 2023-05-25 07:43:45 UTC | Flags | needinfo?(allarkin) | |
| Mauro Matteo Cascella | 2023-06-14 13:57:09 UTC | Summary | CVE-2023-2235 kernel: use-after-free vulnerability in the perf_group_detach function of the Linux K ernel Performance Events | CVE-2023-2235 kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events |
| errata-xmlrpc | 2023-06-21 08:45:53 UTC | Link ID | Red Hat Product Errata RHSA-2023:3705 | |
| errata-xmlrpc | 2023-06-21 14:38:41 UTC | Link ID | Red Hat Product Errata RHSA-2023:3708 | |
| errata-xmlrpc | 2023-06-21 14:39:17 UTC | Link ID | Red Hat Product Errata RHSA-2023:3723 | |
| Red Hat Bugzilla | 2023-07-07 08:33:01 UTC | Assignee | security-response-team | nobody |
| errata-xmlrpc | 2023-07-18 08:28:43 UTC | Link ID | Red Hat Product Errata RHSA-2023:4137 | |
| errata-xmlrpc | 2023-07-18 08:28:53 UTC | Link ID | Red Hat Product Errata RHSA-2023:4138 | |
| errata-xmlrpc | 2023-08-08 07:54:27 UTC | Link ID | Red Hat Product Errata RHSA-2023:4541 | |
| errata-xmlrpc | 2023-08-08 08:19:52 UTC | Link ID | Red Hat Product Errata RHSA-2023:4517 |
Back to bug 2192589