A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the Hardware Monitoring Linux Kernel Driver (xgene-hwmon). This flaw could allow a local attacker to crash the system due to a race problem. This vulnerability could even lead to a kernel information leak problem..This CVE has a CVSS3.1 score of 4.7 and a Base Severity of MEDIUM.
| Info | Details |
|---|---|
| CVE ID | CVE-2023-1855 |
| CVE State | PUBLISHED |
| BaseScore | NA |
| BaseSeverity | NA |
| VectorString | NA |
| Version | NA |
References for CVE-2023-1855 :
https://lore.kernel.org/all/20230318122758.2140868-1-linux%40roeck-us.net/
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
https://github.com/torvalds/linux/commit/cb090e64cf25602b9adaf32d5dfc9c8bec493cd1
| Metric Type | Metric Score |
|---|---|
| AttackVector(AV) | NA |
| AttackComplexity(AC) | NA |
| PrivilegesRequired(PR) | NA |
| UserInteraction(UI) | NA |
| Scope(S) | NA |
| Confidentiality(C) | NA |
| Availability(A) | NA |
| Integrity(I) | NA |