{"api_version":"1","generated_at":"2026-04-22T23:52:25+00:00","cve":"CVE-2023-4273","urls":{"html":"https://cve.report/CVE-2023-4273","api":"https://cve.report/api/cve/CVE-2023-4273.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-4273","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-4273"},"summary":{"title":"CVE-2023-4273","description":"A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-08-09 15:15:00","updated_at":"2023-11-07 14:15:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","name":"https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","refsource":"MISC","tags":[],"title":"[SECURITY] [DLA 3623-1] linux-5.10 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5480","name":"https://www.debian.org/security/2023/dsa-5480","refsource":"MISC","tags":[],"title":"Debian -- Security Information -- DSA-5480-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2023:6583","name":"RHSA-2023:6583","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 37 Update: kernel-6.4.10-100.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2023/dsa-5492","name":"https://www.debian.org/security/2023/dsa-5492","refsource":"MISC","tags":[],"title":"Debian -- Security Information -- DSA-5492-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/security/cve/CVE-2023-4273","name":"https://access.redhat.com/security/cve/CVE-2023-4273","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 38 Update: kernel-6.4.10-200.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221609","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2221609","refsource":"MISC","tags":[],"title":"2221609 – (CVE-2023-4273) CVE-2023-4273 kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/","name":"https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/","refsource":"MISC","tags":[],"title":"CVE-2023-4273: a vulnerability in the Linux exFAT driver – My DFIR Blog","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20231027-0002/","name":"https://security.netapp.com/advisory/ntap-20231027-0002/","refsource":"MISC","tags":[],"title":"August 2023 Linux Kernel 6.5-rc5 Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-4273","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4273","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"12.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.5","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.5","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.5","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.5","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"4273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-4273","qid":"161066","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-6583)"},{"cve":"CVE-2023-4273","qid":"199764","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6385-1)"},{"cve":"CVE-2023-4273","qid":"199809","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6416-1)"},{"cve":"CVE-2023-4273","qid":"199810","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6412-1)"},{"cve":"CVE-2023-4273","qid":"199814","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6416-2)"},{"cve":"CVE-2023-4273","qid":"199840","title":"Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-6416-3)"},{"cve":"CVE-2023-4273","qid":"199844","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6445-1)"},{"cve":"CVE-2023-4273","qid":"199858","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6445-2)"},{"cve":"CVE-2023-4273","qid":"199883","title":"Ubuntu Security Notification for Linux kernel (NVIDIA) Vulnerabilities (USN-6466-1)"},{"cve":"CVE-2023-4273","qid":"242399","title":"Red Hat Update for kernel security (RHSA-2023:6583)"},{"cve":"CVE-2023-4273","qid":"284396","title":"Fedora Security Update for kernel (FEDORA-2023-d9509be489)"},{"cve":"CVE-2023-4273","qid":"284399","title":"Fedora Security Update for kernel (FEDORA-2023-ee241dcf80)"},{"cve":"CVE-2023-4273","qid":"6000212","title":"Debian Security Update for linux (DSA 5480-1)"},{"cve":"CVE-2023-4273","qid":"6000220","title":"Debian Security Update for linux (DSA 5492-1)"},{"cve":"CVE-2023-4273","qid":"6000265","title":"Debian Security Update for linux-5.10 (DLA 3623-1)"},{"cve":"CVE-2023-4273","qid":"6140194","title":"AWS Bottlerocket Security Update for kernel (GHSA-5ww4-gj4m-44mc)"},{"cve":"CVE-2023-4273","qid":"673484","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-3033)"},{"cve":"CVE-2023-4273","qid":"673732","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-3010)"},{"cve":"CVE-2023-4273","qid":"754832","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-1)"},{"cve":"CVE-2023-4273","qid":"754833","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-1)"},{"cve":"CVE-2023-4273","qid":"754855","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3656-1)"},{"cve":"CVE-2023-4273","qid":"754866","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3684-1)"},{"cve":"CVE-2023-4273","qid":"754867","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-1)"},{"cve":"CVE-2023-4273","qid":"754868","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3682-1)"},{"cve":"CVE-2023-4273","qid":"754876","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3687-1)"},{"cve":"CVE-2023-4273","qid":"754884","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-1)"},{"cve":"CVE-2023-4273","qid":"754899","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-2)"},{"cve":"CVE-2023-4273","qid":"754900","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-2)"},{"cve":"CVE-2023-4273","qid":"754901","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-2)"},{"cve":"CVE-2023-4273","qid":"754903","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-2)"},{"cve":"CVE-2023-4273","qid":"754919","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP4) (SUSE-SU-2023:3773-1)"},{"cve":"CVE-2023-4273","qid":"754920","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3772-1)"},{"cve":"CVE-2023-4273","qid":"754922","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3784-1)"},{"cve":"CVE-2023-4273","qid":"754923","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP4) (SUSE-SU-2023:3783-1)"},{"cve":"CVE-2023-4273","qid":"754927","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 31 for SLE 15 SP2) (SUSE-SU-2023:3788-1)"},{"cve":"CVE-2023-4273","qid":"754939","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP2) (SUSE-SU-2023:3812-1)"},{"cve":"CVE-2023-4273","qid":"754942","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2023:3806-1)"},{"cve":"CVE-2023-4273","qid":"754947","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 33 for SLE 15 SP2) (SUSE-SU-2023:3844-1)"},{"cve":"CVE-2023-4273","qid":"754976","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2023:3846-1)"},{"cve":"CVE-2023-4273","qid":"754990","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 23 for SLE 15 SP3) (SUSE-SU-2023:3892-1)"},{"cve":"CVE-2023-4273","qid":"754991","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 39 for SLE 15 SP2) (SUSE-SU-2023:3891-1)"},{"cve":"CVE-2023-4273","qid":"754992","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 38 for SLE 15 SP2) (SUSE-SU-2023:3889-1)"},{"cve":"CVE-2023-4273","qid":"754993","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 32 for SLE 15 SP2) (SUSE-SU-2023:3893-1)"},{"cve":"CVE-2023-4273","qid":"755001","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2023:3929-1)"},{"cve":"CVE-2023-4273","qid":"755002","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 2 for SLE 15 SP5) (SUSE-SU-2023:3924-1)"},{"cve":"CVE-2023-4273","qid":"755003","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3923-1)"},{"cve":"CVE-2023-4273","qid":"755004","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 13 for SLE 15 SP4) (SUSE-SU-2023:3922-1)"},{"cve":"CVE-2023-4273","qid":"755005","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 35 for SLE 15 SP3) (SUSE-SU-2023:3912-1)"},{"cve":"CVE-2023-4273","qid":"755006","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 26 for SLE 15 SP3) (SUSE-SU-2023:3928-1)"},{"cve":"CVE-2023-4273","qid":"755026","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3964-1)"},{"cve":"CVE-2023-4273","qid":"755037","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3971-1)"},{"cve":"CVE-2023-4273","qid":"755038","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3969-1)"},{"cve":"CVE-2023-4273","qid":"755043","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3988-1)"},{"cve":"CVE-2023-4273","qid":"907301","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for hyperv-daemons (28619-1)"},{"cve":"CVE-2023-4273","qid":"907311","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (27914-1)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-4273","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Stack-based Buffer Overflow","cweId":"CWE-121"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"6.5-rc5","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"0:5.14.0-362.8.1.el9_3","lessThan":"*","versionType":"rpm","status":"unaffected"}],"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"0:5.14.0-362.8.1.el9_3","lessThan":"*","versionType":"rpm","status":"unaffected"}],"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 6","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/errata/RHSA-2023:6583","refsource":"MISC","name":"https://access.redhat.com/errata/RHSA-2023:6583"},{"url":"https://access.redhat.com/security/cve/CVE-2023-4273","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-4273"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221609","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2221609"},{"url":"https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/","refsource":"MISC","name":"https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/"},{"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/"},{"url":"https://security.netapp.com/advisory/ntap-20231027-0002/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20231027-0002/"},{"url":"https://www.debian.org/security/2023/dsa-5480","refsource":"MISC","name":"https://www.debian.org/security/2023/dsa-5480"},{"url":"https://www.debian.org/security/2023/dsa-5492","refsource":"MISC","name":"https://www.debian.org/security/2023/dsa-5492"}]},"credits":[{"lang":"en","value":"Red Hat would like to thank Maxim Suhanov for reporting this issue."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":6,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-08-09 15:15:00","lastModifiedDate":"2023-11-07 14:15:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}