Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2023-2235 | First vendor Publication | 2023-05-01 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Expoit Score | N/A | Authentication | N/A |
Calculate full CVSS 2.0 Vectors scores |
Detail
A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation. The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability. We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2235 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-416 | Use After Free |
CPE : Common Platform Enumeration
Sources (Detail)
Alert History
Date | Informations |
---|---|
2025-03-29 03:17:24 |
|
2025-03-28 13:36:14 |
|
2025-03-28 02:59:33 |
|
2025-03-19 02:55:39 |
|
2025-03-18 03:07:35 |
|
2025-03-14 02:56:11 |
|
2025-02-22 03:05:00 |
|
2025-01-08 02:49:43 |
|
2025-01-07 02:49:19 |
|
2024-12-25 02:48:05 |
|
2024-12-12 02:51:03 |
|
2024-11-28 14:21:14 |
|
2024-11-21 21:37:38 |
|
2024-11-20 02:45:38 |
|
2024-11-14 02:45:29 |
|
2024-11-09 02:46:07 |
|
2024-10-26 02:43:43 |
|
2024-10-25 02:45:31 |
|
2024-10-23 02:44:51 |
|
2024-10-03 02:40:50 |
|
2024-10-02 02:39:13 |
|
2024-09-15 02:37:31 |
|
2024-09-12 02:36:59 |
|
2024-09-04 02:38:31 |
|
2024-08-22 02:36:45 |
|
2024-08-02 13:45:15 |
|
2024-08-02 01:32:08 |
|
2024-03-12 13:33:56 |
|
2024-02-02 02:42:35 |
|
2024-02-01 12:29:14 |
|
2024-01-12 02:34:37 |
|
2023-12-29 02:32:10 |
|
2023-11-22 02:31:26 |
|
2023-09-29 13:25:43 |
|
2023-09-05 13:38:16 |
|
2023-09-05 01:28:30 |
|
2023-09-02 05:27:47 |
|
2023-09-02 01:28:57 |
|
2023-08-25 21:27:49 |
|
2023-08-12 13:42:02 |
|
2023-08-12 01:28:13 |
|
2023-08-11 13:33:05 |
|
2023-08-11 01:29:04 |
|
2023-08-06 13:30:30 |
|
2023-08-06 01:27:52 |
|
2023-08-04 13:30:59 |
|
2023-08-04 01:28:14 |
|
2023-08-02 13:20:13 |
|
2023-07-14 13:30:49 |
|
2023-07-14 01:27:53 |
|
2023-06-29 00:28:21 |
|
2023-06-09 13:27:44 |
|
2023-06-06 13:19:48 |
|
2023-05-17 13:12:45 |
|
2023-05-06 09:27:22 |
|
2023-05-01 17:27:14 |
|