CVE-2023-5717
Out-of-bounds write in Linux kernel's Linux Kernel Performance Events (perf) component
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.
If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.
We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
Se puede aprovechar una vulnerabilidad de escritura fuera de límites del montón en el componente Linux Kernel Performance Events (perf) del kernel de Linux para lograr una escalada de privilegios local. Si se llama a perf_read_group() mientras la lista de hermanos de un evento es más pequeña que la lista de hermanos de su hijo, puede incrementar o escribir en ubicaciones de memoria fuera del búfer asignado. Recomendamos actualizar después del commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
A flaw was found in the Linux kernel's Performance Events system component. A condition can be triggered that allows data to be written past the end or before the beginning of the intended memory buffer. This issue may lead to a system crash, code execution, or local privilege escalation.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-10-23 CVE Reserved
- 2023-10-25 CVE Published
- 2023-10-26 EPSS Updated
- 2024-01-23 First Exploit
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-787: Out-of-bounds Write
CAPEC
- CAPEC-233: Privilege Escalation
References (7)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html |
|
|
| https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/uthrasri/CVE-2023-5717 | 2024-01-23 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2023-5717 | 2024-05-01 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2246945 | 2024-05-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.4 < 6.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.4 < 6.6" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc1 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc2 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc3 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc4 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc5 |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.6 Search vendor "Linux" for product "Linux Kernel" and version "6.6" | rc6 |
Affected
| ||||||