{"api_version":"1","generated_at":"2026-04-22T23:52:25+00:00","cve":"CVE-2023-1192","urls":{"html":"https://cve.report/CVE-2023-1192","api":"https://cve.report/api/cve/CVE-2023-1192.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-1192","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-1192"},"summary":{"title":"CVE-2023-1192","description":"A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-11-01 20:15:00","updated_at":"2023-11-09 15:24:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2023-1192","name":"https://access.redhat.com/security/cve/CVE-2023-1192","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178","refsource":"MISC","tags":[],"title":"2154178 – (CVE-2023-1192) CVE-2023-1192 kernel: use-after-free in smb2_is_status_io_timeout()","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-1192","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1192","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"1192","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"1192","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"1192","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-1192","qid":"161208","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-7549)"},{"cve":"CVE-2023-1192","qid":"161236","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-13047)"},{"cve":"CVE-2023-1192","qid":"161256","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-7749)"},{"cve":"CVE-2023-1192","qid":"242516","title":"Red Hat Update for kernel (RHSA-2023:7549)"},{"cve":"CVE-2023-1192","qid":"242521","title":"Red Hat Update for kernel security (RHSA-2023:7539)"},{"cve":"CVE-2023-1192","qid":"242526","title":"Red Hat Update for kernel-rt (RHSA-2023:7548)"},{"cve":"CVE-2023-1192","qid":"242575","title":"Red Hat Update for kernel (RHSA-2023:7749)"},{"cve":"CVE-2023-1192","qid":"242830","title":"Red Hat Update for kernel-rt (RHSA-2024:0563)"},{"cve":"CVE-2023-1192","qid":"242831","title":"Red Hat Update for kernel (RHSA-2024:0562)"},{"cve":"CVE-2023-1192","qid":"242845","title":"Red Hat Update for kernel (RHSA-2024:0448)"},{"cve":"CVE-2023-1192","qid":"242846","title":"Red Hat Update for kernel-rt (RHSA-2024:0439)"},{"cve":"CVE-2023-1192","qid":"242855","title":"Red Hat Update for kernel (RHSA-2024:0412)"},{"cve":"CVE-2023-1192","qid":"243050","title":"Red Hat Update for kernel (RHSA-2024:1250)"},{"cve":"CVE-2023-1192","qid":"243062","title":"Red Hat Update for kernel-rt (RHSA-2024:1306)"},{"cve":"CVE-2023-1192","qid":"755043","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3988-1)"},{"cve":"CVE-2023-1192","qid":"755060","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4031-1)"},{"cve":"CVE-2023-1192","qid":"755061","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4030-1)"},{"cve":"CVE-2023-1192","qid":"755063","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4032-1)"},{"cve":"CVE-2023-1192","qid":"755082","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4058-1)"},{"cve":"CVE-2023-1192","qid":"755083","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4057-1)"},{"cve":"CVE-2023-1192","qid":"755085","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4072-1)"},{"cve":"CVE-2023-1192","qid":"755086","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4071-1)"},{"cve":"CVE-2023-1192","qid":"755096","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4093-1)"},{"cve":"CVE-2023-1192","qid":"755107","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4095-1)"},{"cve":"CVE-2023-1192","qid":"755229","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4072-2)"},{"cve":"CVE-2023-1192","qid":"755565","title":"SUSE Security Update for the linux kernel (SUSE-SU-2023:4347-1)"},{"cve":"CVE-2023-1192","qid":"907637","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (31853-1)"},{"cve":"CVE-2023-1192","qid":"941482","title":"AlmaLinux Security Update for kernel (ALSA-2023:7549)"},{"cve":"CVE-2023-1192","qid":"961087","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:7548)"},{"cve":"CVE-2023-1192","qid":"961089","title":"Rocky Linux Security Update for kernel (RLSA-2023:7549)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-1192","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Use After Free","cweId":"CWE-416"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 6","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/security/cve/CVE-2023-1192","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-1192"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2154178"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5","refsource":"MISC","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=98bea253aa28ad8be2ce565a9ca21beb4a9419e5"}]},"work_around":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"credits":[{"lang":"en","value":"Red Hat would like to thank Pumpkin (@u1f383), working with DEVCORE Internship Program for reporting this issue."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-11-01 20:15:00","lastModifiedDate":"2023-11-09 15:24:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}