CVE-2023-6917

2024-02-2800:00:00

ubuntu.com

cve-2023-6917

performance co-pilot

systemd

privilege levels

root privileges

pcp user isolation

local exploits

symlink attacks

vulnerability

privilege escalation

unix

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

7.3 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.6%

JSON

A vulnerability has been identified in the Performance Co-Pilot (PCP)
package, stemming from the mixed privilege levels utilized by systemd
services associated with PCP. While certain services operate within the
confines of limited PCP user/group privileges, others are granted full root
privileges. This disparity in privilege levels poses a risk when privileged
root processes interact with directories or directory trees owned by
unprivileged PCP users. Specifically, this vulnerability may lead to the
compromise of PCP user isolation and facilitate local PCP-to-root exploits,
particularly through symlink attacks. These vulnerabilities underscore the
importance of maintaining robust privilege separation mechanisms within PCP
to mitigate the potential for unauthorized privilege escalation.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchpcp< anyUNKNOWN
ubuntu20.04noarchpcp< anyUNKNOWN
ubuntu22.04noarchpcp< anyUNKNOWN
ubuntu23.10noarchpcp< anyUNKNOWN
ubuntu24.04noarchpcp< anyUNKNOWN
ubuntu16.04noarchpcp< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	pcp	< any	UNKNOWN
ubuntu	20.04	noarch	pcp	< any	UNKNOWN
ubuntu	22.04	noarch	pcp	< any	UNKNOWN
ubuntu	23.10	noarch	pcp	< any	UNKNOWN
ubuntu	24.04	noarch	pcp	< any	UNKNOWN
ubuntu	16.04	noarch	pcp	< any	UNKNOWN