{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-0386", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2025-06-17T22:20:23.281Z", "dateReserved": "2023-01-18T00:00:00.000Z", "datePublished": "2023-03-22T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-06-27T12:11:02.905Z"}, "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system."}], "affected": [{"vendor": "n/a", "product": "Kernel", "versions": [{"version": "Linux kernel 6.2-rc6", "status": "affected"}]}], "references": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"}, {"url": "https://security.netapp.com/advisory/ntap-20230420-0004/"}, {"name": "DSA-5402", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2023/dsa-5402"}, {"name": "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"}, {"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"}, {"name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-282", "cweId": "CWE-282"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:10:55.563Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230420-0004/", "tags": ["x_transferred"]}, {"name": "DSA-5402", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2023/dsa-5402"}, {"name": "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"}, {"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-17T17:23:59.859202Z", "id": "CVE-2023-0386", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2025-06-17", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T22:20:23.281Z"}, "timeline": [{"time": "2025-06-17T00:00:00+00:00", "lang": "en", "value": "CVE-2023-0386 added to CISA KEV"}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230420-0004/", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2023/dsa-5402", "name": "DSA-5402", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html", "name": "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update", "tags": ["mailing-list", "x_transferred"]}, {"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", "tags": ["mailing-list", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:10:55.563Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-0386", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-17T17:23:59.859202Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2025-06-17", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T16:05:20.501Z"}, "timeline": [{"lang": "en", "time": "2025-06-17T00:00:00+00:00", "value": "CVE-2023-0386 added to CISA KEV"}]}], "cna": {"affected": [{"vendor": "n/a", "product": "Kernel", "versions": [{"status": "affected", "version": "Linux kernel 6.2-rc6"}]}], "references": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"}, {"url": "https://security.netapp.com/advisory/ntap-20230420-0004/"}, {"url": "https://www.debian.org/security/2023/dsa-5402", "name": "DSA-5402", "tags": ["vendor-advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html", "name": "[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update", "tags": ["mailing-list"]}, {"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "name": "[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update", "tags": ["mailing-list"]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-282", "description": "CWE-282"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-06-27T12:11:02.905Z"}}}, "cveMetadata": {"cveId": "CVE-2023-0386", "state": "PUBLISHED", "dateUpdated": "2025-06-17T22:20:23.281Z", "dateReserved": "2023-01-18T00:00:00.000Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2023-03-22T00:00:00.000Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cisaActionDue": "2025-07-08", "cisaExploitAdd": "2025-06-17", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Linux Kernel Improper Ownership Management Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*", "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "91C2E92D-CC25-4FBD-8824-56A148119D7E", "versionEndExcluding": "5.15.91", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE", "versionEndExcluding": "6.1.9", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system."}], "id": "CVE-2023-0386", "lastModified": "2025-06-18T15:00:59.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-03-22T21:15:18.090", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Vendor Advisory", "Broken Link"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230420-0004/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory", "Broken Link"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230420-0004/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5402"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-282"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank The D. E. Shaw Group for reporting this issue.", "affected_release": [{"advisory": "RHSA-2023:1584", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-425.19.2.rt7.230.el8_7", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-04-04T00:00:00Z"}, {"advisory": "RHSA-2023:1566", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-425.19.2.el8_7", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-04-04T00:00:00Z"}, {"advisory": "RHSA-2023:1659", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-04-05T00:00:00Z"}, {"advisory": "RHSA-2023:1554", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kernel-0:4.18.0-372.51.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-04-04T00:00:00Z"}, {"advisory": "RHSA-2023:1660", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-04-05T00:00:00Z"}, {"advisory": "RHSA-2023:1703", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.23.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-04-11T00:00:00Z"}, {"advisory": "RHSA-2023:1691", "cpe": "cpe:/a:redhat:enterprise_linux:9::nfv", "package": "kernel-rt-0:5.14.0-162.23.1.rt21.186.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-04-11T00:00:00Z"}, {"advisory": "RHSA-2023:1681", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-04-10T00:00:00Z"}, {"advisory": "RHSA-2023:1703", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-162.23.1.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-04-11T00:00:00Z"}, {"advisory": "RHSA-2023:1970", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "kernel-0:5.14.0-70.53.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-04-25T00:00:00Z"}, {"advisory": "RHSA-2023:1980", "cpe": "cpe:/a:redhat:rhel_eus:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.53.1.rt21.124.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-04-25T00:00:00Z"}, {"advisory": "RHSA-2023:1984", "cpe": "cpe:/o:redhat:rhel_eus:9.0", "package": "kpatch-patch", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-04-25T00:00:00Z"}, {"advisory": "RHSA-2023:1554", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "kernel-0:4.18.0-372.51.1.el8_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2023-04-04T00:00:00Z"}, {"advisory": "RHSA-2023:1677", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "redhat-virtualization-host-0:4.5.3-202304051438_8.6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2023-04-10T00:00:00Z"}], "bugzilla": {"description": "kernel: FUSE filesystem low-privileged user privileges escalation", "id": "2159505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159505"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-282", "details": ["A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.", "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, prevent the module overlay from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically."}, "name": "CVE-2023-0386", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2023-01-24T10:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-0386\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0386\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This vulnerability was first introduced into Red Hat Enterprise Linux starting in version 8.6. Earlier releases are not affected, including Red Hat Enterprise Linux 8.4.", "threat_severity": "Important"}