CVE-2023-2598

Published: 01/06/2023 Updated: 01/05/2024
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.

Vulnerable Product

linux linux kernel

netapp hci baseboard management controller h300s

netapp hci baseboard management controller h500s

netapp hci baseboard management controller h700s

netapp hci baseboard management controller h410s

netapp hci baseboard management controller h410c

Vendor Advisories

Description: This CVE is under investigation by Red Hat Product Security ...

Mailing Lists

oss-sec mailing list archives: CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy ...

Github Repositories

LPE PoC of a vulnerability in the io_uring subsystem of the Linux Kernel.

io_uring_LPE-CVE-2023-2598

LPE exploit for CVE-2023-2598.

My write-up of the vulnerability: Conquering the memory through io_uring - Analysis of CVE-2023-2598

You can compile the exploit with: gcc exploit.c -luring -o exploit

Disclaimer: For educational and research purposes only. Use at your own risk.

LPE exploit for CVE-2024-0582 (io_uring)

io_uring_LPE-CVE-2024-0582

LPE exploit for CVE-2024-0582.

I will not be releasing a write-up for this vulnerability, as my method of exploitation is almost the same as for CVE-2023-2598. You can read the exploitation section of my write-up on CVE-2023-2598 to understand this exploit as well: Conquering the memory through io_uring - Analysis of CVE-2023-2598

If you want to read