cve/2023/CVE-2023-3269.md

### [CVE-2023-3269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3269)
![](https://img.shields.io/static/v1?label=Product&message=Fedora&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free&color=brighgreen)

### Description

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2023/Jul/43
- http://www.openwall.com/lists/oss-security/2023/07/28/1
- http://www.openwall.com/lists/oss-security/2023/08/25/4

#### Github
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/GhostTroops/TOP
- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
- https://github.com/LumaKernel/awesome-stars
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/aneasystone/github-trending
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/hktalent/TOP
- https://github.com/izj007/wechat
- https://github.com/johe123qwe/github-trending
- https://github.com/kherrick/hacker-news
- https://github.com/kun-g/Scraping-Github-trending
- https://github.com/lrh2000/StackRot
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/xairy/linux-kernel-exploitation
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-3269](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3269)`
			`![](https://img.shields.io/static/v1?label=Product&message=Fedora&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=kernel&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free&color=brighgreen)`

			`### Description`

			`A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.`

			`### POC`

			`#### Reference`
			`- http://seclists.org/fulldisclosure/2023/Jul/43`
			`- http://www.openwall.com/lists/oss-security/2023/07/28/1`
			`- http://www.openwall.com/lists/oss-security/2023/08/25/4`

			`#### Github`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation`
			`- https://github.com/LumaKernel/awesome-stars`
			`- https://github.com/Snoopy-Sec/Localroot-ALL-CVE`
			`- https://github.com/aneasystone/github-trending`
			`- https://github.com/giterlizzi/secdb-feeds`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/izj007/wechat`
			`- https://github.com/johe123qwe/github-trending`
			`- https://github.com/kherrick/hacker-news`
			`- https://github.com/kun-g/Scraping-Github-trending`
			`- https://github.com/lrh2000/StackRot`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/xairy/linux-kernel-exploitation`