CVE-2023-4194

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 4

Advisories 35

NVD Status Modified

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.

Weaknesses

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CWE-863: Incorrect Authorization

Related CVEs

CVE-2023-1076

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Red Hat, Inc.
Published Date: 2023-08-07 14:15:11
(13 months ago)
Updated Date: 2024-09-06 18:15:05
(10 days ago)

Affected Products

Configuration #1

	CPE23	Up To
Linux Kernel 6.4 and prior versions	cpe:2.3:o:linux:linux_kernel	<= 6.4
Linux Kernel 6.5 Rc1	cpe:2.3:o:linux:linux_kernel:6.5:rc1
Linux Kernel 6.5 Rc2	cpe:2.3:o:linux:linux_kernel:6.5:rc2
Linux Kernel 6.5 Rc3	cpe:2.3:o:linux:linux_kernel:6.5:rc3
Linux Kernel 6.5 Rc4	cpe:2.3:o:linux:linux_kernel:6.5:rc4

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Enterprise Linux 9.0	cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #3

		CPE23	From	Up To
	Fedoraproject Fedora 37	cpe:2.3:o:fedoraproject:fedora:37
	Fedoraproject Fedora 38	cpe:2.3:o:fedoraproject:fedora:38

Configuration #4

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0

Weaknesses

Related CVEs

Affected Products

Debian

Fedoraproject

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4