Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.2
CVSSv3

CVE-2023-39191

Published: 04/10/2023 Updated: 25/01/2024
CVSS v3 Base Score: 8.2 | Impact Score: 6 | Exploitability Score: 1.5
VMScore: 0
Subscribe to Linux Kernel

Vulnerability Summary

This vulnerability allows local malicious users to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

fedoraproject fedora 38

redhat enterprise linux 9.0

Vendor Advisories

Red Hat: Important: kpatch-patch security update
概述 Important: kpatch-patch security update 类型/严重性 Security Advisory: Important Red Hat Insights 补丁分析 识别并修复受此公告影响的系统。 查看受影响的系统 标题 An update for kpatch-patch is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Security has rat ...
Red Hat: Low: Logging Subsystem 5.8.1- Red Hat OpenShift security update
Synopsis Low: Logging Subsystem 581- Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Red Hat:
Description<!---->An improper input validation flaw was found in the eBPF subsystem in the Linux kernel The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the conte ...
Google Chrome: Stable Channel Update for ChromeOS / ChromeOS Flex
Hello All,The Stable channel is being updated to&nbsp;12006099203&nbsp;(Platform version:&nbsp;15662640)&nbsp;for most ChromeOS devices and will be rolled out over the next few daysIf you find new issues, please let us know one of the following ways:File a bug&nbsp;Visit our Chrome OS communitiesGeneral:&nbsp;Chromebook Help CommunityBeta Spe ...

References

NVD-CWE-noinfohttps://bugzilla.redhat.com/show_bug.cgi?id=2226783https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/https://access.redhat.com/security/cve/CVE-2023-39191https://access.redhat.com/errata/RHSA-2023:6583https://access.redhat.com/errata/RHSA-2024:0381https://access.redhat.com/errata/RHSA-2024:0439https://access.redhat.com/errata/RHSA-2024:0448https://access.redhat.com/errata/RHSA-2024:0381https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-23-1489/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook