CVE-2023-3317

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jun 23, 2023

Updated: Nov 7, 2023

CWE ID 362

Summary

CVE-2023-3317 is a use-after-free vulnerability discovered in the mt7921_check_offload_capability function of the wifi mt76/mt7921 sub-component in the Linux Kernel. An attacker can exploit this flaw by releasing memory associated with the 'features' variable, leading to a system crash. Furthermore, this vulnerability may also result in a kernel information leak, potentially allowing unauthorized access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft .NET Framework
Microsoft Visual Studio 2022
Fedora Operating System

Affected Vendors

Microsoft
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9PL4x
https://www.cve.org/CVERecord?id=CVE-2023-3317
https://nvd.nist.gov/vuln/detail/CVE-2023-3317

Back to Vulnerability Database