VIR Vulnerability Intelligence Relay

CVE-2023-0266

high KEV
Published 2023-03-27 · Modified 2023-03-27
CVSS v3
CVSS v2
VIR risk
9.5

Description

Important: kernel-rt security and bug fix update

CISA KEV

Vendor
Linux
Product
Kernel
Due date
2023-04-20

Predictions

Exploit likelihood
99%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-1469.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2023-1470.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2156322

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-1584.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:1584

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2023-1566.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2163379

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2159505

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2152548

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2150272

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2023:1566

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https://nvd.nist.gov/vuln/detail/CVE-2023-0266

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2023-0266

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1469

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1470

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2023-0266.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1566

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2023:1584

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RXSA-2023:1566

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:1471

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:1470

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2023:1469

Exploits

OS impact
OSVersionStatusFixed in
arch archfixed6.2-1
redhat rhel9fixed
rockylinux rocky8fixed
suse slesaffected
rockylinux rocky9fixed
debian debianbookwormfixed6.1.7-1
debian debianbullseyefixed5.10.162-1
debian debianforkyfixed6.1.7-1
debian debiansidfixed6.1.7-1
debian debiantrixiefixed6.1.7-1

References

Verify integrity in audit chain (admin only). AS-IS.