CVE-2023-4949
Status: Analyzed
Last modified:
20-11-2023
Published:
10-11-2023
6.7
SUMMARY CVE-2023-4949
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
Access CVSS3 CVE-2023-4949
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | LOCAL | HIGH | UNCHANGED | NONE |
Impact CVSS3 CVE-2023-4949
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2023-4949
EPSS | 0.00042 |
---|---|
EPSS % | 0.05057 |
References | |
CWE | CWE-190 |
CAPEC |
|
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |