CVE-2023-20737

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-667
View all →

Vulnerability Description

In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167.

Related Vulnerabilities

CVE-2021-0625

MEDIUM
CVSS:6.7(Medium)

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl...

CWE-6672021

CVE-2021-39649

MEDIUM
CVSS:6.7(Medium)

In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User int...

CWE-6672021

CVE-2022-20016

MEDIUM
CVSS:6.7(Medium)

In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed f...

CWE-6672022

CVE-2022-20153

MEDIUM
CVSS:6.7(Medium)

In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges ne...

CWE-6672022

CVE-2022-20376

MEDIUM
CVSS:6.7(Medium)

In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User inte...

CWE-6672022

CVE-2022-21775

MEDIUM
CVSS:6.7(Medium)

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo...

CWE-6672022