CVE-2023-7258

MEDIUM

gvisor < 20231204.0 - Denial of Service via Mount Point Reference Counting

Title source: llm

Description

A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6

References (1)

Core 1

Core References

Patch

https://github.com/google/gvisor/commit/6a112c60a257dadac59962e0bc9e9b5aee70b5b6

View Patch ZIP pw:eip

Scores

CVSS v3 4.8

EPSS 0.0012

EPSS Percentile 31.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (1)

google/gvisor < 20231204.0

Published May 15, 2024

Tracked Since Feb 18, 2026