{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-1838","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","dateUpdated":"2024-08-02T06:05:26.723Z","dateReserved":"2023-04-04T00:00:00.000Z","datePublished":"2023-04-05T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2023-05-17T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem."}],"affected":[{"vendor":"n/a","product":"Kernel","versions":[{"version":"Linux Kernel prior to kernel 5.18 25","status":"affected"}]}],"references":[{"url":"https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang%40redhat.com/T/"},{"url":"https://security.netapp.com/advisory/ntap-20230517-0003/"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-416","cweId":"CWE-416"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T06:05:26.723Z"},"title":"CVE Program Container","references":[{"url":"https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang%40redhat.com/T/","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20230517-0003/","tags":["x_transferred"]}]}]}}