Main Vulnerability Database Exploits ID:9123 - Exploit for Improper validation of array index in Linux kernel - CVE-2023-2008

ID:9123 - Exploit for Improper validation of array index in Linux kernel - CVE-2023-2008

Published: June 22, 2023

Vulnerability identifier: #VU75102

Vulnerability risk: Low

CVE-ID: CVE-2023-2008

CWE-ID: CWE-129

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/u1f383/reproduce_exp

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect validation of array index within a fault handler in drivers/dma-buf/udmabuf.c. A local privileged user can execute arbitrary code with kernel privileges.

Remediation

Install updates from vendor's website.

ID:9123 - Exploit for Improper validation of array index in Linux kernel - CVE-2023-2008

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human