CVE-2023-32629
CVSS V2 None
CVSS V3 None
Description
Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels
Overview
- CVE ID
- CVE-2023-32629
- Assigner
- canonical
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-07-26T01:59:47.061Z
- Last Modified Date
- 2023-07-26T02:02:46.425Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://ubuntu.com/security/notices/USN-6250-1 | vendor-advisory |
| https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html | mailing-list |
| https://wiz.io/blog/ubuntu-overlayfs-vulnerability | technical-description |
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 | issue-tracking |
| http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-32629 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 11:54:08 | Added to TrackCVE |