CISA KEV Information
| Vulnerability name | Linux Kernel Improper Ownership Management Vulnerability |
|---|---|
| Description | Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system. |
| Required action | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| Known ransomware campaign use | Unknown |
| CWE | CWE-282 |
| Date added (KEV) | 2025-06-17 |
| Due date | 2025-07-08 |
| Notes | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a ; https://access.redhat.com/security/cve/cve-2023-0386 ; https://security.netapp.com/advisory/ntap-20230420-0004/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-0386 |
NVD Details
CVSS v3.1: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
CWE: CWE-282
References
- http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html [Third Party Advisory]
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a [Broken Link, Mailing List, Patch, Vendor Advisory]
- https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html [Mailing List, Third Party Advisory]
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html [Mailing List, Third Party Advisory]
- https://security.netapp.com/advisory/ntap-20230420-0004/ [Third Party Advisory]
- https://www.debian.org/security/2023/dsa-5402 [Third Party Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-0386 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.