CVE-2023-2163

CVSS V2 None CVSS V3 None

Description

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

Overview

CVE ID
CVE-2023-2163

Assigner
Google

Vulnerability Status
PUBLISHED

Published Version
2023-09-20T05:02:38.155Z

Last Modified Date
2024-05-21T03:43:35.053Z

Weakness Enumerations

CWE	URL
CWE-682	http://cwe.mitre.org/data/definitions/682.html

References

Reference URL	Reference Tags
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=71b547f561247897a0a14f3082730156c0533fed

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-2163
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2163

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 22:09:21				Added to TrackCVE