Vulnerability identifier: #VU91307

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52756

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the include/linux/pwm.h. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

---

External links
http://git.kernel.org/stable/c/bce1f7c7e9812da57de1dda293cba87c693e9958
http://git.kernel.org/stable/c/a98ff250b5af87f92f17bb9725cb21de1931ee57
http://git.kernel.org/stable/c/eca19db60f99925461f49c3fd743733881395728
http://git.kernel.org/stable/c/e52518b9cb9fc98fc043c8fb2b8cfc619ca8a88b
http://git.kernel.org/stable/c/a7ee519e8095d9c834086d0ff40da11415e1e4d7
http://git.kernel.org/stable/c/1fb3a9c59e7f7d2b1d737a0d6e02e31d5b516455
http://git.kernel.org/stable/c/c19a8794bf4fe45cff997f07a75ea84cc9e5d89c
http://git.kernel.org/stable/c/45d0a298e05adee521f6fe605d6a88341ba07edd
http://git.kernel.org/stable/c/d27abbfd4888d79dd24baf50e774631046ac4732

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.