CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Apr 20, 2023
High
CISA KEVCVE-2023-0266
Linux—Kernel
Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.
Required Action
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https://nvd.nist.gov/vuln/detail/CVE-2023-0266
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Mar 30, 2023
- KEV Added
- Mar 30, 2023
- Due Date
- Apr 20, 2023
- Related Articles
- 0
Vendor
Linux
Kernel