{"api_version":"1","generated_at":"2026-04-22T23:52:22+00:00","cve":"CVE-2023-3567","urls":{"html":"https://cve.report/CVE-2023-3567","api":"https://cve.report/api/cve/CVE-2023-3567.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-3567","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-3567"},"summary":{"title":"CVE-2023-3567","description":"A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-07-24 16:15:00","updated_at":"2024-01-30 17:15:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"https://www.spinics.net/lists/stable-commits/msg285184.html","name":"https://www.spinics.net/lists/stable-commits/msg285184.html","refsource":"MISC","tags":[],"title":"Patch \"vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF\" has been added to the 6.1-stable tree — Linux Stable Commits","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2024:0448","name":"RHSA-2024:0448","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0432","name":"RHSA-2024:0432","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html","name":"http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html","refsource":"","tags":[],"title":"Kernel Live Patch Security Notice LSN-0099-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2024:0439","name":"RHSA-2024:0439","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0412","name":"RHSA-2024:0412","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221463","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2221463","refsource":"MISC","tags":[],"title":"2221463 – (CVE-2023-3567) CVE-2023-3567 kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2024:0431","name":"RHSA-2024:0431","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0575","name":"RHSA-2024:0575","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2023-3567","name":"https://access.redhat.com/security/cve/CVE-2023-3567","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html","name":"http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LSN-0098-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-3567","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3567","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"20.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"22.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.2.0","cpe7":"rc6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3567","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-3567","qid":"199775","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6341-1)"},{"cve":"CVE-2023-3567","qid":"242759","title":"Red Hat Update for kernel (RHSA-2024:0432)"},{"cve":"CVE-2023-3567","qid":"242789","title":"Red Hat Update for kernel (RHSA-2024:0575)"},{"cve":"CVE-2023-3567","qid":"242845","title":"Red Hat Update for kernel (RHSA-2024:0448)"},{"cve":"CVE-2023-3567","qid":"242846","title":"Red Hat Update for kernel-rt (RHSA-2024:0439)"},{"cve":"CVE-2023-3567","qid":"242847","title":"Red Hat Update for kernel-rt (RHSA-2024:0431)"},{"cve":"CVE-2023-3567","qid":"242855","title":"Red Hat Update for kernel (RHSA-2024:0412)"},{"cve":"CVE-2023-3567","qid":"356753","title":"Amazon Linux Security Advisory for kernel : ALAS2-2023-2359"},{"cve":"CVE-2023-3567","qid":"356782","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-1897"},{"cve":"CVE-2023-3567","qid":"379043","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)"},{"cve":"CVE-2023-3567","qid":"379435","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2024:0012)"},{"cve":"CVE-2023-3567","qid":"673354","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2843)"},{"cve":"CVE-2023-3567","qid":"673496","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2860)"},{"cve":"CVE-2023-3567","qid":"754275","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3309-1)"},{"cve":"CVE-2023-3567","qid":"754281","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3349-1)"},{"cve":"CVE-2023-3567","qid":"754829","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP3) (SUSE-SU-2023:3594-1)"},{"cve":"CVE-2023-3567","qid":"754830","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 15 SP1) (SUSE-SU-2023:3596-1)"},{"cve":"CVE-2023-3567","qid":"754831","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 15 SP3) (SUSE-SU-2023:3595-1)"},{"cve":"CVE-2023-3567","qid":"754834","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 25 for SLE 15 SP3) (SUSE-SU-2023:3607-1)"},{"cve":"CVE-2023-3567","qid":"754835","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 37 for SLE 15 SP1) (SUSE-SU-2023:3603-1)"},{"cve":"CVE-2023-3567","qid":"754838","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 15 SP2) (SUSE-SU-2023:3622-1)"},{"cve":"CVE-2023-3567","qid":"754839","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 37 for SLE 15 SP2) (SUSE-SU-2023:3621-1)"},{"cve":"CVE-2023-3567","qid":"754840","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2023:3620-1)"},{"cve":"CVE-2023-3567","qid":"754841","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP3) (SUSE-SU-2023:3623-1)"},{"cve":"CVE-2023-3567","qid":"754842","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 35 for SLE 15 SP2) (SUSE-SU-2023:3612-1)"},{"cve":"CVE-2023-3567","qid":"754844","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 32 for SLE 15 SP3) (SUSE-SU-2023:3628-1)"},{"cve":"CVE-2023-3567","qid":"754845","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP3) (SUSE-SU-2023:3627-1)"},{"cve":"CVE-2023-3567","qid":"754846","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 34 for SLE 15 SP3) (SUSE-SU-2023:3632-1)"},{"cve":"CVE-2023-3567","qid":"754847","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 33 for SLE 15 SP3) (SUSE-SU-2023:3631-1)"},{"cve":"CVE-2023-3567","qid":"754848","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3630-1)"},{"cve":"CVE-2023-3567","qid":"754854","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 8 for SLE 15 SP4) (SUSE-SU-2023:3644-1)"},{"cve":"CVE-2023-3567","qid":"754873","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3671-1)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-3567","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Use After Free","cweId":"CWE-416"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"6.2-rc7","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 6","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unknown"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}}]}}]}},"references":{"reference_data":[{"url":"http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html","refsource":"MISC","name":"http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html"},{"url":"https://access.redhat.com/security/cve/CVE-2023-3567","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-3567"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221463","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2221463"},{"url":"https://www.spinics.net/lists/stable-commits/msg285184.html","refsource":"MISC","name":"https://www.spinics.net/lists/stable-commits/msg285184.html"}]},"work_around":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.1,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-07-24 16:15:00","lastModifiedDate":"2024-01-30 17:15:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.1,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.2.0","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc4:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc5:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.2.0:rc6:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}