Vulnerabilities > CVE-2023-1838 - Use After Free vulnerability in multiple products

047910
CVSS 7.1 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
linux
netapp
CWE-416

Summary

A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.

Vulnerable Configurations

Part Description Count
OS
Linux
1534
Hardware
Netapp
5

Common Weakness Enumeration (CWE)