Permissions, Privileges, and Access Controls in Linux kernel

#VU89899 Permissions, Privileges, and Access Controls in Linux kernel

Published: 2024-05-29

Vulnerability identifier: #VU89899

Vulnerability risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52880

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to missing permissions checks within the gsmld_open() function in drivers/tty/n_gsm.c. A local user with CAP_NET_ADMIN capability can create a GSM network.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://git.kernel.org/stable/c/7d303dee473ba3529d75b63491e9963342107bed
http://git.kernel.org/stable/c/7a529c9023a197ab3bf09bb95df32a3813f7ba58
http://git.kernel.org/stable/c/ada28eb4b9561aab93942f3224a2e41d76fe57fa
http://git.kernel.org/stable/c/2d154a54c58f9c8375bfbea9f7e51ba3bfb2e43a
http://git.kernel.org/stable/c/2b85977977cbd120591b23c2450e90a5806a7167
http://git.kernel.org/stable/c/67c37756898a5a6b2941a13ae7260c89b54e0d88

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

openEuler 22.03 LTS SP3 update for kernel

SUSE update for the Linux Kernel

openEuler 20.03 LTS SP4 update for kernel

SUSE update for the Linux Kernel

Security restrictions bypass in Linux kernel gsm