Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2023-52879 |
CWE-ID | CWE-416 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90084
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-52879
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the apply_event_filter() function in kernel/trace/trace_events_filter.c, within the remove_subsystem(), event_enable_read(), event_enable_write(), event_filter_read() and trace_create_new_event() functions in kernel/trace/trace_events.c, within the register_event_command() function in kernel/trace/trace.h, within the tracing_open_file_tr() and tracing_release_file_tr() functions in kernel/trace/trace.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e
http://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cfcc2fe6f
http://git.kernel.org/stable/c/cbc7c29dff0fa18162f2a3889d82eeefd67305e0
http://git.kernel.org/stable/c/2fa74d29fc1899c237d51bf9a6e132ea5c488976
http://git.kernel.org/stable/c/2c9de867ca285c397cd71af703763fe416265706
http://git.kernel.org/stable/c/9034c87d61be8cff989017740a91701ac8195a1d
http://git.kernel.org/stable/c/bb32500fb9b78215e4ef6ee8b4345c5f5d7eafb4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.