CVE-2023-20746

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-667
View all →

Vulnerability Description

In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519217.

Related Vulnerabilities

CVE-2021-0625

MEDIUM
CVSS:6.7(Medium)

In ccu, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl...

CWE-6672021

CVE-2021-39649

MEDIUM
CVSS:6.7(Medium)

In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User int...

CWE-6672021

CVE-2022-20016

MEDIUM
CVSS:6.7(Medium)

In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed f...

CWE-6672022

CVE-2022-20153

MEDIUM
CVSS:6.7(Medium)

In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges ne...

CWE-6672022

CVE-2022-20376

MEDIUM
CVSS:6.7(Medium)

In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User inte...

CWE-6672022

CVE-2022-21775

MEDIUM
CVSS:6.7(Medium)

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo...

CWE-6672022