ID:10532 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2023-0386

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10532 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2023-0386

ID:10532 - Exploit for Permissions, Privileges, and Access Controls in Linux kernel - CVE-2023-0386

Published: September 26, 2024


Vulnerability identifier: #VU74410
Vulnerability risk: Low
CVE-ID: CVE-2023-0386
CWE-ID: CWE-264
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to unauthorized access to execution of setuid files in OverlayFS subsystem when copying a capable file from a nosuid mount into another mount. A local user can execute arbitrary code with root privileges.


Remediation

Install updates from vendor's website.