#VU93736 Improper privilege management in Linux kernel


Vulnerability identifier: #VU93736

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52642

CWE-ID: CWE-269

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the lirc_dev_exit() and rc_dev_get_from_fd() functions in drivers/media/rc/lirc_dev.c, within the lirc_prog_attach(), lirc_prog_detach() and lirc_prog_query() functions in drivers/media/rc/bpf-lirc.c. A local user can read and manipulate data.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions


External links
http://git.kernel.org/stable/c/93d8109bf182510629bbefc8cd45296d2393987f
http://git.kernel.org/stable/c/d98210108e7b2ff64b332b0a3541c8ad6a0617b0
http://git.kernel.org/stable/c/9f6087851ec6dce5b15f694aeaf3e8ec8243224e
http://git.kernel.org/stable/c/93136132d1b5792bf44151e3494ae3691cd738e8
http://git.kernel.org/stable/c/caf2da1d4562de4e35eedec0be2b7f1ee25d83be
http://git.kernel.org/stable/c/6a9d552483d50953320b9d3b57abdee8d436f23f
http://lists.debian.org/debian-lts-announce/2024/06/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability