CVEFinder.io

CVE-2023-23005

🔶 medium
🔍 Scan for this CVE
Summary

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_memory_type error case to be reached.

CVSS Score
5.5
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2023-03-01
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 32.4% of all 318,332 vulnerabilities in our database.

#215,043
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: Mar 6, 2025
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2025-03-19
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-476

📦 Affected Products 2

Vendor Product Status Affected Versions
linux linux_kernel Affected
< 6.2
suse linux_enterprise_server Affected
v15

🔗 References 3

https://bugzilla.suse.com/show_bug.cgi?id=1208844#c2
Issue Tracking Patch Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeL...
Mailing List Patch Release Notes
https://github.com/torvalds/linux/commit/4a625ceee8a...
Patch

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-25702 ⚠️ high 7.3 0.1 A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causi... 2026-03-05
CVE-2026-23231 ⚠️ high 7.8 0.0 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tabl... 2026-03-04
CVE-2025-71238 ⚠️ high 7.8 0.0 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free ... 2026-03-04
CVE-2026-23232 🔶 medium 5.5 0.0 In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fs_ena... 2026-03-04
CVE-2026-23233 ⚠️ high 7.8 0.0 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid mapping wrong physical block for... 2026-03-04
CVE-2026-23234 ⚠️ high 7.8 0.0 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fs_write_end_io() As s... 2026-03-04
These CVEs affect the same products