Use-After-Free Vulnerability in ALSA PCM Package Could Lead to Privilege Escalation
CVE-2023-0266

7.8 HIGH

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 30 January 2023

Badges

👾 Exploit Exists | 🟡 Public PoC | 🦅 CISA Reported | 📰 News Worthy

Summary

A vulnerability has been identified in the ALSA PCM package of the Linux kernel: a use-after-free condition reachable through the SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 operations. Because the affected code path lacks proper locking, the freed object can still be used, potentially enabling a local attacker to escalate privileges and gain ring0 access from a system user account. Upgrading to a kernel that includes commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e (or a later fixed version) mitigates this risk.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change quickly.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Linux kernel from 4.14 up to, but not including, commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Analyzing a Modern In-the-wild Android Exploit

By Seth Jenkins, Project Zero. Introduction: In December 2022, Google’s Threat Analysis Group (TAG) discovered an in-the-wild exploit chain targeting Samsung Android devices. TAG’s blog post covers the targeting...

GitHub - SeanHeelan/claude_opus_cve_2023_0266: Demo showing Claude Opus does not find CVE-2023-0266

Demo showing Claude Opus does not find CVE-2023-0266 - SeanHeelan/claude_opus_cve_2023_0266

New Android updates fix kernel bug exploited in spyware attacks

Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices.

References

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • 🦅 CISA Reported
  • 📰 First article discovered by Google Blog
  • Vulnerability published
  • Vulnerability reserved