CVE-2023-39191
CVSS v3.1
8.2 (High)
EPSS
0.05 % (18th)
Affected Products
3
Advisories
10
NVD Status
Analyzed
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
Weaknesses
- CWE-20
- Improper Input Validation
- CWE-NVD-noinfo
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- Red Hat, Inc.
- Published Date
-
2023-10-04 19:15:10
(11 months ago) - Updated Date
-
2024-08-21 18:16:34
(3 weeks ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...