cve/CVE-2023-1829.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 3428c6bdc6 Update CVE sources 2024-08-05 18:41

2024-08-05 18:41:32 +00:00

1.4 KiB

Raw Permalink Blame History

CVE-2023-1829

Description

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

POC

Reference

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c710f75256bb3cf05ac7b1672c82b92c43f3d28

Github

https://github.com/EGI-Federation/SVG-advisories
https://github.com/N1ghtu/RWCTF6th-RIPTC
https://github.com/Threekiii/CVE
https://github.com/cvestone/CtfCollections
https://github.com/lanleft/CVE-2023-1829
https://github.com/lanleft/CVE2023-1829
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/star-sg/CVE
https://github.com/xairy/linux-kernel-exploitation

1.4 KiB Raw Permalink Blame History

CVE-2023-1829

Description

POC

Reference

Github

1.4 KiB

Raw Permalink Blame History