Use-After-Free Vulnerability in ALSA PCM Package Could Lead to Privilege Escalation
CVE-2023-0266

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
30 January 2023

Badges

👾 Exploit Exists🟡 Public PoC🦅 CISA Reported📰 News Worthy

What is CVE-2023-0266?

A vulnerability has been identified in the ALSA PCM package of the Linux Kernel, characterized by a use after free condition linked to the SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 operations. The absence of proper locking mechanisms allows for the use after free exploit, potentially enabling a local attacker to achieve privilege escalation and gain ring0 access from a system user account. It is crucial to upgrade to a secure version beyond commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e to mitigate this risk.

CISA has reported CVE-2023-0266

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-0266 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Linux Kernel 4.14 < 56b88b50565cd8b946a2d00b0c83927b7ebb055e

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

claude_opus_cve_2023_0266
Created by SeanHeelan

News Articles

favicon imageGoogle Project Zero

Analyzing a Modern In-the-wild Android Exploit

By Seth Jenkins, Project ZeroIntroductionIn December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsung Android devices. TAG’s blog post covers the targeting...

favicon imageHacking8 安全信息流

GitHub - SeanHeelan/claude_opus_cve_2023_0266: Demo showing Claude Opus does not find CVE-2023-0266

Demo showing Claude Opus does not find CVE-2023-0266 - SeanHeelan/claude_opus_cve_2023_0266

favicon imageBleepingComputer

New Android updates fix kernel bug exploited in spyware attacks

Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices.

References

https://github.com/torvalds/linux/commit/becf9e5d553c2389...
https://git.kernel.org/pub/scm/linux/kernel/git/stable/st...
https://github.com/torvalds/linux/commit/56b88b50565cd8b9...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • 📰

    First article discovered by Google Blog

  • Vulnerability published

  • Vulnerability Reserved

.