CVE-2023-5760 – Time-of-check to time-of-use (TOCTOU) bug leads to full local privilege escalation.
https://notcve.org/view.php?id=CVE-2023-5760
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg Antivirus: 23.8. Un error de tiempo de verificación a tiempo de uso (TOCTOU) en el manejo de solicitudes IOCTL (control de entrada/salida). Este error de TOCTOU conduce a una vulnerabilidad de escritura fuera de los límites que puede explotarse aún más, permitiendo a un atacante obtener una escalada de privilegios local completa en el sistema. Este problema afecta a Avast/Avg Antivirus: 23.8. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •