CVE-2023-2483

Public on 2023-05-05
Modified on 2024-03-01
Description
A race condition vulnerability was found in the Linux kernel's Qualcomm EMAC Gigabit Ethernet Controller when the user physically removes the device before cleanup in the emac_remove function. This flaw can eventually result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.
Severity
Medium severity
Medium
CVSS v3 Base Score
6.4
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel Not Affected
Amazon Linux 2 - Core kernel Not Affected
Amazon Linux 2 - Kernel-5.10 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.15 Extra kernel Not Affected
Amazon Linux 2 - Kernel-5.4 Extra kernel Not Affected
Amazon Linux 2023 kernel Not Affected

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H