Vuln Signal Radar
public-safe defensive signal
HIGHpublic-safe

CVE-2023-3640

NVD: A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. NVD: Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. NVD: However, despite this feature, there is still a risk of per-cpu entry area leaks.

CVSS
7.0
Severity
HIGH
EPSS
0.0072 (49)
KEV
-

Source-published summary

NVD: A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. NVD: Based on the previous CVE-2023-0597, the 'Randomize per-cpu entry area' feature was implemented in /arch/x86/mm/cpu_entry_area.c, which works through the init_cea_offsets() function when KASLR is enabled. NVD: However, despite this feature, there is still a risk of per-cpu entry area leaks.

Possible impact

Source describes privilege escalation risk · local exposure. Possible impact: A local user may cross a privilege boundary and gain more access than intended.

Affected context

vendor/product: linux / linux_kernel; affected version context: -, 8.0, 9.0

Remediation / advisory

Remediation reference present; patch status requires confirmation in the linked advisory.

Why it matters

Source describes privilege escalation risk · local exposure. Possible impact: A local user may cross a privilege boundary and gain more access than intended.; CVSS 7.0 (HIGH); EPSS percentile 49; not listed in KEV; Remediation reference present; patch status requires confirmation in the linked advisory; sources: NVD, OSV.

What to verify

Confirm affected product/version, vendor advisory, patch or mitigation, and exposure.

Exposure hint

local exposure

Impact tags

privilege boundary reviewlocal exposure relevant

Urgency reasons

CVSS HIGHaffected product presentvendor advisory presentrecent updateremediation reference present

Source-derived note

Summary derived from NVD / OSV description; unsafe procedural detail is not shown.

Redaction metadata

source summary used
True
fallback summary used
False
unsafe procedural detail present
false
raw source displayed
false
public summary redacted
true

Remediation handoff

Public-safe static handoff for human/Codex remediation planning. Scan, patch, external execution, and auto remediation are disabled.

Safety note

This radar shows source-published defensive context only. Exploit procedures, exploit strings, scanner commands, and auto-remediation are not provided.

Official references