CVE-2023-35828

moderate-risk
Published 2023-06-18

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (6)

H410C

Affected Vendors

Linux Netapp

References (12)

Release Notes https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
Vendor Advisory https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2b...
Third Party Advisory https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
Mailing List https://lore.kernel.org/all/20230327121700.52d881e0%40canb.auug.org.au/
Mailing List https://lore.kernel.org/lkml/CAJedcCwkuznS1kSTvJXhzPoavcZDWNhNMshi-Ux0spSVRwU=RA...
Third Party Advisory https://security.netapp.com/advisory/ntap-20230803-0002/
Release Notes https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
Vendor Advisory https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2b...
Third Party Advisory https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
Mailing List https://lore.kernel.org/all/20230327121700.52d881e0%40canb.auug.org.au/
Mailing List https://lore.kernel.org/lkml/CAJedcCwkuznS1kSTvJXhzPoavcZDWNhNMshi-Ux0spSVRwU=RA...
Third Party Advisory https://security.netapp.com/advisory/ntap-20230803-0002/
31
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 13/34 · Low