Lucene search

[email protected]CVE-2023-2163

HistorySep 20, 2023 - 6:15 a.m.

CVE-2023-2163

2023-09-2006:15:10

CWE-682

[email protected]

web.nvd.nist.gov

134

cve-2023-2163

linux kernel

bpf

verifier pruning

arbitrary read/write

kernel memory

privilege escalation

container escape

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe
code paths being incorrectly marked as safe, resulting in arbitrary read/write in
kernel memory, lateral privilege escalation, and container escape.

Affected configurations

NVD

Node

linuxlinux_kernelRange5.3–5.4.242

linuxlinux_kernelRange5.5–5.10.179

linuxlinux_kernelRange5.11–5.15.109

linuxlinux_kernelRange5.16–6.1.26

linuxlinux_kernelRange6.2–6.2.13

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt5.4.242
linux:linux_kernellinux linux kernellt5.10.179
linux:linux_kernellinux linux kernellt5.15.109
linux:linux_kernellinux linux kernellt6.1.26
linux:linux_kernellinux linux kernellt6.2.13

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	5.4.242
linux:linux_kernel	linux linux kernel	lt	5.10.179
linux:linux_kernel	linux linux kernel	lt	5.15.109
linux:linux_kernel	linux linux kernel	lt	6.1.26
linux:linux_kernel	linux linux kernel	lt	6.2.13

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Linux Kernel",
    "vendor": "Linux",
    "versions": [
      {
        "lessThan": "5.4",
        "status": "unaffected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "lessThan": "71b547f561247897a0a14f3082730156c0533fed",
        "status": "affected",
        "version": "0",
        "versionType": "git"
      }
    ]
  }
]