CVE-2023-39191 : An improper input validation flaw was found in the eBPF subsystem in the Linux k

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.

Published 2023-10-04 19:15:10

Updated 2024-08-21 18:16:34

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-39191

Redhat » Enterprise Linux » Version: 9.0
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.19 and before (<) 6.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 38
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-39191

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 19 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-39191

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
8.2	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	1.5	6.0	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High
8.2	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	1.5	6.0	Red Hat, Inc.
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-39191

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: secalert@redhat.com (Secondary)

References for CVE-2023-39191

https://www.zerodayinitiative.com/advisories/ZDI-CAN-19399/

ZDI-23-1489 | Zero Day Initiative
Patch;Third Party Advisory;VDB Entry
https://access.redhat.com/errata/RHSA-2023:6583

RHSA-2023:6583 - Security Advisory - Red Hat カスタマーポータル
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2024:0439

RHSA-2024:0439 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/security/cve/CVE-2023-39191

CVE-2023-39191- Red Hat Customer Portal
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0381

RHSA-2024:0381 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2226783

2226783 – (CVE-2023-39191, ZDI-CAN-19399) CVE-2023-39191 kernel: eBPF: insufficient stack type checks in dynptr
Issue Tracking;Patch;Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0448

RHSA-2024:0448 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-39191

Products affected by CVE-2023-39191

Exploit prediction scoring system (EPSS) score for CVE-2023-39191

CVSS scores for CVE-2023-39191

CWE ids for CVE-2023-39191

References for CVE-2023-39191