CVE-2023-33094

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 2, 2024

Updated: Apr 12, 2024

CWE ID 416

Summary

CVE-2023-33094 is a newly identified memory corruption vulnerability that occurs during VK synchronization when KASAN, a memory error detector, is enabled. This issue can potentially allow an attacker to inject and execute malicious code, leading to unintended program behavior or system crashes. The vulnerability poses a serious threat since it can bypass the intended protection of KASAN, making it essential for affected systems to be patched promptly. Users are advised to apply the necessary software updates to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/t_c6fv
https://www.cve.org/CVERecord?id=CVE-2023-33094
https://nvd.nist.gov/vuln/detail/CVE-2023-33094

Back to Vulnerability Database

CVE-2023-33094

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations