Rewterz Threat Advisory – CVE-2023-37895 – Apache Jackrabbit Vulnerability
July 26, 2023Rewterz Threat Advisory – CVE-2023-3713 – WordPress ProfileGrid Plugin Vulnerability
July 26, 2023Rewterz Threat Advisory – CVE-2023-37895 – Apache Jackrabbit Vulnerability
July 26, 2023Rewterz Threat Advisory – CVE-2023-3713 – WordPress ProfileGrid Plugin Vulnerability
July 26, 2023Severity
Medium
Analysis Summary
CVE-2023-3863
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a use-after-free flaw in the nfc_llcp_find_local function in net/nfc/llcp_core.c in NFC. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-3863
Affected Vendors
Linux
Affected Products
- Linux Kernel 6.4
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.