Lucene search

K
redhatcveRedhat.comRH:CVE-2023-0386
HistoryMar 22, 2023 - 9:43 a.m.

CVE-2023-0386

2023-03-2209:43:06
redhat.com
access.redhat.com
91
linux kernel
overlayfs
unauthorized access
privilege escalation
uid mapping bug
mitigation
red hat solution

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.0%

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Mitigation

To mitigate this issue, prevent the module overlay from being loaded. Please see <https://access.redhat.com/solutions/41278&gt; for information on how to blacklist a kernel module to prevent it from loading automatically.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.0%