CVE-2023-7258

MEDIUM Year: 2023
CVSS v3 Score
4.8
Medium
Weakness Type
CWE-400
View all →

Vulnerability Description

A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6

Related Vulnerabilities

CVE-2020-4956

MEDIUM
CVSS:4.8(Medium)

IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. By setting a grossly large cac...

CWE-4002020

CVE-2023-1654

MEDIUM
CVSS:4.8(Medium)

Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.

CWE-4002023

CVE-2024-3056

MEDIUM
CVSS:4.8(Medium)

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large n...

CWE-4002024

CVE-2015-3248

MEDIUM
CVSS:4.7(Medium)

openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting...

CWE-4002015

CVE-2016-6213

MEDIUM
CVSS:4.7(Medium)

fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service (memory consumption and deadlock) ...

CWE-4002016

CVE-2021-47284

MEDIUM
CVSS:4.7(Medium)

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: netjet: Fix crash in nj_probe: 'nj_setup' in netjet.c might fail with -EIO and in this case 'card->irq' is initialized ...

CWE-4002021