CVE-2023-1077

HIGH Year: 2023
CVSS v3 Score
7.0
High
Weakness Type
CWE-843
View all →

Vulnerability Description

In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.

Related Vulnerabilities

CVE-2023-42105

HIGH
CVSS:7.0(High)

Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum...

CWE-8432023

CVE-2019-8591

HIGH
CVSS:7.1(High)

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected syst...

CWE-8432019

CVE-2023-23442

HIGH
CVSS:7.1(High)

Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.

CWE-8432023

CVE-2023-23443

HIGH
CVSS:7.1(High)

Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.

CWE-8432023

CVE-2023-51426

HIGH
CVSS:7.1(High)

Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.

CWE-8432023

CVE-2023-51427

HIGH
CVSS:7.1(High)

Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.

CWE-8432023