CVE-2023-33250
MEDIUMLinux Kernel 6.3 - Use-After-Free in iopt_unmap_iova_range
Title source: llmDescription
The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c.
References (6)
Core 6
Core References
Mailing List
https://lore.kernel.org/linux-iommu/ZDabT%2FuRl%2FjxFhm0%40ip-172-31-85-199.ec2.internal/T/
Mailing List, Third Party Advisory
https://groups.google.com/g/syzkaller/c/G6P9yecsTZ8/m/iiqFVOM9BwAJ
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230622-0006/
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1211597
Scores
CVSS v3
4.4
EPSS
0.0002
EPSS Percentile
7.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (5)
linux/linux_kernel
6.3
netapp/h300s_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
Published
May 21, 2023
Tracked Since
Feb 18, 2026