Back to bug 2219270
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Dhananjay Arunesh | 2023-07-03 07:04:44 UTC | CC | security-response-team | |
| Dhananjay Arunesh | 2023-07-03 07:27:18 UTC | Blocks | 2219280 | |
| Dhananjay Arunesh | 2023-07-03 07:32:54 UTC | Summary | EMBARGOED kernel: use-after-free bug in the Linux vmxnet3 network driver | EMBARGOED TRIAGE kernel: use-after-free bug in the Linux vmxnet3 network driver |
| Dhananjay Arunesh | 2023-07-03 07:39:43 UTC | Depends On | 2219287, 2219288 | |
| Mauro Matteo Cascella | 2023-07-04 17:20:16 UTC | Blocks | 2219280 | |
| Mauro Matteo Cascella | 2023-07-04 17:22:09 UTC | Blocks | 2219643 | |
| Mauro Matteo Cascella | 2023-07-04 17:39:29 UTC | Summary | EMBARGOED TRIAGE kernel: use-after-free bug in the Linux vmxnet3 network driver | EMBARGOED TRIAGE kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() |
| Red Hat Bugzilla | 2023-07-07 08:35:22 UTC | Assignee | security-response-team | nobody |
| Rohit Keshri | 2023-08-16 16:56:13 UTC | Fixed In Version | Kernel 5.18~19 | |
| Doc Text | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a double free while cleanup at vmxnet3_rq_cleanup_all. This vulnerability could even lead to a kernel information leak problem. | |||
| Rohit Keshri | 2023-08-16 17:26:52 UTC | Comment | 0 | updated |
| Rohit Keshri | 2023-08-16 17:27:05 UTC | CC | rkeshri | |
| Rohit Keshri | 2023-08-16 17:27:58 UTC | Summary | EMBARGOED TRIAGE kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() | EMBARGOED CVE-2023-4387 TRIAGE kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() |
| Alias | CVE-2023-4387 | |||
| Rohit Keshri | 2023-08-16 17:29:28 UTC | Summary | EMBARGOED CVE-2023-4387 TRIAGE kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() | EMBARGOED CVE-2023-4387 kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() |
| Rohit Keshri | 2023-08-16 17:30:49 UTC | CC | kernel-mgr, tglozar | |
| Summary | EMBARGOED CVE-2023-4387 kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() | CVE-2023-4387 kernel: vmxnet3: use-after-free in vmxnet3_rq_alloc_rx_buf() | ||
| Group | security, qe_staff | |||
| Rohit Keshri | 2023-08-16 17:33:56 UTC | Depends On | 2232411, 2232412 | |
| Paige Jung | 2023-08-16 18:15:02 UTC | Doc Text | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a double free while cleanup at vmxnet3_rq_cleanup_all. This vulnerability could even lead to a kernel information leak problem. | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. |
Back to bug 2219270