CVE-2023-28410

Public on 2023-05-10
Modified on 2024-01-13
Description
Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
Important severity
Important
CVSS v3 Base Score
8.8
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel Not Affected
Amazon Linux 2 - Kernel-5.10 Extra kernel 2023-06-29 ALAS2KERNEL-5.10-2023-036 Fixed
Amazon Linux 2 - Kernel-5.15 Extra kernel 2023-06-29 ALAS2KERNEL-5.15-2023-023 Fixed
Amazon Linux 2023 kernel Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
NVD CVSSv3 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H