#VU74410 Permissions, Privileges, and Access Controls in Linux kernel - CVE-2023-0386

Cybersecurity Help s.r.o.

Published: 2023-04-04 | Updated: 2024-09-26

Vulnerability identifier: #VU74410

Vulnerability risk: Low

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2023-0386

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: Yes

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to unauthorized access to execution of setuid files in OverlayFS subsystem when copying a capable file from a nosuid mount into another mount. A local user can execute arbitrary code with root privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell ObjectScale

Multiple vulnerabilities in Juniper Networks Session Smart Router

Anolis OS update for kernel(ANCK)5.10

SUSE update for the Linux Kernel

Multiple vulnerabilities in Dell EMC VxRail Appliance

Ubuntu Linux kernel live patch

Multiple vulnerabilities in IBM Spectrum Protect Plus

Multiple vulnerabilities in IBM Spectrum Copy Data Management

SUSE update for the Linux Kernel (Live Patch 3 for SLE 15 SP4)