Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-2008: ZDI-23-441

A flaw was found in the Linux kernel’s udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.

CVE
#vulnerability#linux#git

April 13th, 2023

Linux Kernel udmabuf Improper Validation of Array Index Local Privilege Escalation Vulnerability****ZDI-23-441
ZDI-CAN-17639

CVE ID

CVE-2023-2008

CVSS SCORE

8.2, (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

AFFECTED VENDORS

Linux

AFFECTED PRODUCTS

Kernel

VULNERABILITY DETAILS

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.

ADDITIONAL DETAILS

Linux has issued an update to correct this vulnerability. More details can be found at:
https://github.com/torvalds/linux/commit/05b252cccb2e5c3f56119d25de684b4f810ba4

DISCLOSURE TIMELINE

  • 2022-06-17 - Vulnerability reported to vendor
  • 2023-04-13 - Coordinated public release of advisory

CREDIT

Manuel Blanco Parajón; Eloi Sanfelix

BACK TO ADVISORIES

Related news

Red Hat Security Advisory 2023-3490-01

Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3465-01

Red Hat Security Advisory 2023-3465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3470-01

Red Hat Security Advisory 2023-3470-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:3490: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's ...

RHSA-2023:3470: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's udm...

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907