A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.
The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.
We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.
References
Configurations
Configuration 1 (hide)
|
History
25 Aug 2023, 15:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:* |
28 Jun 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Jun 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-05-01 13:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-2235
Mitre link : CVE-2023-2235
CVE.ORG link : CVE-2023-2235
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free