CVE-2016-10150
Description
Use-after-free vulnerability in the kvm_ioctl_create_device function in virt/kvm/kvm_main.c in the Linux kernel before 4.8.13 allows host OS users to cause a denial of service (host OS crash) or possibly gain privileges via crafted ioctl calls on the /dev/kvm device.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.003
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3190-1) linux-image-4.8.0-37-generic_4.8.0-37.39_i386.deb | Linux |
| Linux kernel (USN-3190-1) linux-image-4.8.0-37-generic_4.8.0-37.39_amd64.deb | Linux |
| Linux kernel (USN-3190-1) linux-image-4.8.0-37-lowlatency_4.8.0-37.39_i386.deb | Linux |
| Linux kernel (USN-3190-1) linux-image-4.8.0-37-lowlatency_4.8.0-37.39_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234