{"id":"CVE-2023-7258","summary":"Denial-of-Service in Gvisor","details":"A denial of service exists in Gvisor Sandbox where a bug in reference counting code in mount point tracking could lead to a panic, making it possible for an attacker running as root and with permission to mount volumes to kill the sandbox. We recommend upgrading past commit 6a112c60a257dadac59962e0bc9e9b5aee70b5b6","modified":"2026-05-01T19:36:52.956544Z","published":"2024-05-15T16:29:08.574Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/7xxx/CVE-2023-7258.json","cwe_ids":["CWE-400"],"cna_assigner":"Google","unresolved_ranges":[{"extracted_events":[{"introduced":"0b983ff832b175e406f4f9b1a3868457bb1ceb7b"},{"fixed":"6a112c60a257dadac59962e0bc9e9b5aee70b5b6"}],"source":"AFFECTED_FIELD"}]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/7xxx/CVE-2023-7258.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-7258"},{"type":"FIX","url":"https://github.com/google/gvisor/commit/6a112c60a257dadac59962e0bc9e9b5aee70b5b6"},{"type":"PACKAGE","url":"https://github.com/google/gvisor"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/google/gvisor","events":[{"introduced":"0"},{"fixed":"126ee58746d10ae5064e51dec96cf580b8116875"},{"fixed":"6a112c60a257dadac59962e0bc9e9b5aee70b5b6"}],"database_specific":{"cpe":"cpe:2.3:a:google:gvisor:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"20231204.0"}],"source":["CPE_FIELD","REFERENCES"]}}],"versions":["release-20190304.1","release-20190529.1","release-20190722.1","release-20190806.1","release-20191104.0","release-20191114.0","release-20191129.0","release-20191210.0","release-20191213.0","release-20200115.0","release-20200127.0","release-20200211.0","release-20200219.0","release-20200323.0","release-20200413.0","release-20200422.0","release-20200511.0","release-20200518.0","release-20200522.0","release-20200601.0","release-20200608.0","release-20200622.1","release-20200804.0","release-20200810.0","release-20200818.0","release-20200907.0","release-20200914.0","release-20200921.0","release-20200928.0","release-20201005.0","release-20201012.0","release-20201019.0","release-20201027.0","release-20201030.0","release-20201109.0","release-20201117.0","release-20201130.0","release-20201208.0","release-20201216.0","release-20210112.0","release-20210121.1","release-20210125.0","release-20210201.0","release-20210208.0","release-20210301.0","release-20210309.0","release-20210315.0","release-20210322.0","release-20210408.0","release-20210412.0","release-20210419.0","release-20210503.0","release-20210510.0","release-20210518.0","release-20210601.0","release-20210607.0","release-20210614.0","release-20210622.0","release-20210628.0","release-20210705.0","release-20210712.0","release-20210720.0","release-20210726.0","release-20210806.0","release-20210816.0","release-20210823.0","release-20210830.0","release-20210906.0","release-20210921.0","release-20210927.0","release-20211005.0","release-20211011.0","release-20211019.0","release-20211026.0","release-20211101.0","release-20211108.0","release-20211115.0","release-20211122.0","release-20211129.0","release-20220103.0","release-20220117.0","release-20220124.0","release-20220131.0","release-20220208.0","release-20220214.0","release-20220221.0","release-20220222.0","release-20220228.0","release-20220309.0","release-20220314.0","release-20220321.0","release-20220328.0","release-20220405.0","release-20220411.0","release-20220418.0","release-20220425.0","release-20220502.1","release-20220510.0","release-20220516.0","release-20220606.0","release-20220621.0","release-20220627.0","release-20220704.0","release-20220713.0","release-20220718.0","release-20220801.0","release-20220808.0","release-20220815.0","release-20220822.0","release-20220905.0","release-20220913.0","release-20220919.0","release-20220926.0","release-20221003.0","release-20221010.0","release-20221017.0","release-20221026.0","release-20221102.1","release-20221107.0","release-20221122.0","release-20221128.0","release-20221205.0","release-20221212.0","release-20221219.0","release-20230102.0","release-20230109.0","release-20230118.0","release-20230123.0","release-20230130.0","release-20230214.0","release-20230227.0","release-20230306.0","release-20230313.0","release-20230320.0","release-20230327.0","release-20230417.0","release-20230501.0","release-20230508.0","release-20230517.0","release-20230522.0","release-20230529.0","release-20230605.0","release-20230621.0","release-20230627.0","release-20230710.0","release-20230717.0","release-20230724.0","release-20230731.0","release-20230801.0","release-20230807.0","release-20230814.0","release-20230823.0","release-20230904.0","release-20230911.0","release-20230920.0","release-20230925.0","release-20231003.0","release-20231009.0","release-20231016.0","release-20231023.0","release-20231030.0","release-20231106.0","release-20231113.0","release-20231120.0"],"database_specific":{"vanir_signatures":[{"id":"CVE-2023-7258-8c75cc02","digest":{"threshold":0.9,"line_hashes":["269802285469074608123542573705608135095","15643295923371110299552405570464642109","30707538532061579888770222677221965848","140833348707707780581757800415215888964","311327337334935848450225604739890492340","228271758042552947232133433063952989862","168102985027651801616458849826001019691","95541713137360941677230737423589630070","328970649726918352133359352452513874559","108587633537507210242609878158511307392"]},"deprecated":false,"signature_type":"Line","target":{"file":"test/syscalls/linux/mount.cc"},"source":"https://github.com/google/gvisor/commit/6a112c60a257dadac59962e0bc9e9b5aee70b5b6","signature_version":"v1"}],"vanir_signatures_modified":"2026-05-01T19:36:52Z","source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-7258.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H"}]}