Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6043-1
HistoryApr 26, 2023 - 1:39 p.m.

linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities

2023-04-2613:39:51
Google
osv.dev
23
linux kernel
vulnerabilities
elevated privileges
tcindex
overlayfs

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

61.0%

JSON

It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel did not properly perform filter deactivation in some
situations. A local attacker could possibly use this to gain elevated
privileges. Please note that with the fix for this CVE, kernel support for
the TCINDEX classifier has been removed. (CVE-2023-1829)

It was discovered that the OverlayFS implementation in the Linux kernel did
not properly handle copy up operation in some conditions. A local attacker
could possibly use this to gain elevated privileges. (CVE-2023-0386)

Related

nessus 83
openvas 17
ubuntu 11
cve 2
redhat 17
almalinux 4
githubexploit 10
prion 2
cbl_mariner 5
nvd 2
zdi 1
f5 1
redhatcve 3
osv 25
packetstorm 1
ubuntucve 2
oraclelinux 2
metasploit 1
zdt 1
debiancve 2
cvelist 2
debian 2
rocky 3
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6043-1)
2023-04-26 00:00:00
RHEL 9 : kpatch-patch (RHSA-2023:1681)
2023-04-15 00:00:00
RHEL 9 : kernel-rt (RHSA-2023:1980)
2023-04-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6043-1)
2023-04-27 00:00:00
Ubuntu: Security Advisory (USN-6047-1)
2023-04-28 00:00:00
Ubuntu: Security Advisory (USN-6069-1)
2023-05-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-04-26 00:00:00
Linux kernel vulnerability
2023-04-27 00:00:00
Linux kernel vulnerability
2023-05-01 00:00:00
cve
cve
CVE-2023-0386
2023-03-22 21:15:18
CVE-2023-1829
2023-04-12 12:15:07
redhat
redhat
(RHSA-2023:1703) Important: kernel security and bug fix update
2023-04-11 13:44:29
(RHSA-2023:1984) Important: kpatch-patch security update
2023-04-25 10:02:44
(RHSA-2023:1980) Important: kernel-rt security and bug fix update
2023-04-25 09:58:17
almalinux
almalinux
Important: kernel security and bug fix update
2023-04-11 00:00:00
Important: kernel-rt security and bug fix update
2023-04-11 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-04-04 00:00:00
githubexploit
githubexploit
Exploit for Improper Ownership Management in Linux Linux Kernel
2023-12-23 11:01:55
Exploit for Improper Ownership Management in Linux Linux Kernel
2023-05-16 10:26:10
Exploit for Improper Ownership Management in Linux Linux Kernel
2024-04-05 05:47:00
prion
prion
Design/Logic Flaw
2023-03-22 21:15:00
Design/Logic Flaw
2023-04-12 12:15:00
cbl_mariner
cbl_mariner
CVE-2023-0386 affecting package kernel 5.10.183.1-1
2023-07-28 23:16:55
CVE-2023-0386 affecting package hyperv-daemons 5.10.185.1-1
2023-08-15 16:37:27
CVE-2023-0386 affecting package kernel for versions less than 5.15.107.1-2
2023-05-03 16:08:28
nvd
nvd
CVE-2023-0386
2023-03-22 21:15:18
CVE-2023-1829
2023-04-12 12:15:07
zdi
zdi
(Pwn2Own) Canonical Ubuntu tcindex Double-Free Local Privilege Escalation Vulnerability
2023-07-06 00:00:00
f5
f5
K000137584 : Linux kernel vulnerability CVE-2023-1829
2023-11-15 00:00:00
redhatcve
redhatcve
CVE-2023-0386
2023-03-22 09:43:06
CVE-2023-1829
2023-04-20 21:01:00
CVE-2021-3847
2021-10-14 20:05:12
osv
osv
suse-module-tools-16.0.36-1.1 on GA media
2024-06-15 00:00:00
Important: kernel-rt security and bug fix update
2023-04-11 00:00:00
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerability
2023-04-27 22:32:46
packetstorm
packetstorm
Linux OverlayFS Local Privilege Escalation
2024-09-27 00:00:00
ubuntucve
ubuntucve
CVE-2023-0386
2023-03-22 00:00:00
CVE-2023-1829
2023-04-12 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2023-04-12 00:00:00
kernel security, bug fix, and enhancement update
2023-04-05 00:00:00
metasploit
metasploit
Local Privilege Escalation via CVE-2023-0386
2024-09-05 13:54:55
zdt
zdt
Linux OverlayFS Local Privilege Escalation Exploit
2024-09-29 00:00:00
debiancve
debiancve
CVE-2023-1829
2023-04-12 12:15:07
CVE-2023-0386
2023-03-22 21:15:18
cvelist
cvelist
CVE-2023-1829 Use-after-free in tcindex (traffic control index filter) in the Linux Kernel
2023-04-12 11:16:59
CVE-2023-0386
2023-03-22 00:00:00
debian
debian
[SECURITY] [DLA 3446-1] linux-5.10 security update
2023-06-05 18:45:37
[SECURITY] [DSA 5402-1] linux security update
2023-05-13 11:20:28
rocky
rocky
kernel-rt security and bug fix update
2023-04-26 15:28:18
kernel security, bug fix, and enhancement update
2023-05-05 15:42:05
kernel security, bug fix, and enhancement update
2023-04-06 15:52:32

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

61.0%

JSON
Related for OSV:USN-6043-1
nessus83openvas17ubuntu11cve2redhat17almalinux4githubexploit10prion2cbl_mariner5nvd2zdi1f51redhatcve3osv25packetstorm1ubuntucve2oraclelinux2metasploit1zdt1debiancve2cvelist2debian2rocky3