Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-6039— Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect

CVSS 5.5 · Medium EPSS 0.02% · P5
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-6039

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Kernel: use-after-free in drivers/net/usb/lan78xx.c in lan78xx_disconnect
Source: NVD (National Vulnerability Database)
Vulnerability Description
A use-after-free flaw was found in lan78xx_disconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux Kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux Kernel存在安全漏洞,该漏洞源于lan78xx_disconnect 中的 drivers/net/usb/lan78xx.c 发现了释放后重用问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Kernel 6.5-rc5 -
Red HatRed Hat Enterprise Linux 6-cpe:/o:redhat:enterprise_linux:6
Red HatRed Hat Enterprise Linux 7-cpe:/o:redhat:enterprise_linux:7
Red HatRed Hat Enterprise Linux 7-cpe:/o:redhat:enterprise_linux:7
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
Red HatRed Hat Enterprise Linux 8-cpe:/o:redhat:enterprise_linux:8
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
Red HatRed Hat Enterprise Linux 9-cpe:/o:redhat:enterprise_linux:9
FedoraFedora--

II. Public POCs for CVE-2023-6039

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-6039

登录查看更多情报信息。

Same Patch Batch · n/a · 2023-11-09 · 19 CVEs total

CVE-2023-261565.6 MEDIUMchromedriver 安全漏洞
CVE-2023-47366Line 安全漏洞
CVE-2023-47489Combodo iTop 安全漏洞
CVE-2023-47488Combodo iTop 跨站脚本漏洞
CVE-2023-47373Line 安全漏洞
CVE-2023-47372Line 安全漏洞
CVE-2023-47370Line 安全漏洞
CVE-2023-47369Line 安全漏洞
CVE-2023-47368Line 安全漏洞
CVE-2023-47367Line 安全漏洞
CVE-2023-47365Line 安全漏洞
CVE-2023-47364Line 安全漏洞
CVE-2023-47363Line 安全漏洞
CVE-2023-46894Espressif Systems esptool 安全漏洞
CVE-2023-46492MLDB 安全漏洞
CVE-2023-45885NASA Open MCT 安全漏洞
CVE-2023-45884NASA Open MCT 安全漏洞
CVE-2023-29975Pfsense CE 安全漏洞

IV. Related Vulnerabilities

Same product: Kernel
Same vendor: n/a
Same weakness: CWE-416

V. Comments for CVE-2023-6039

No comments yet

Leave a comment