A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fedora
Published: 2023-06-28T00:00:00
Updated: 2024-08-02T06:55:03.477Z
Reserved: 2023-06-28T00:00:00
Link: CVE-2023-3439
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-28T21:15:10.517
Modified: 2023-07-06T21:39:33.310
Link: CVE-2023-3439
Redhat