CVE-2023-5717

Published Oct 25, 2023

Last updated 3 months ago

CVSS high 7.8

Overview

Description: A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation. If perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer. We recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06.
Source: cve-coordination@google.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-787
cve-coordination@google.com: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0791B33-98B2-4081-91D6-F6E6C6342088",
            "versionEndExcluding": "3.3",
            "versionStartIncluding": "3.2.95"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04CF39E5-B417-4D51-8790-B5A3C24CF085",
            "versionEndExcluding": "3.17",
            "versionStartIncluding": "3.16.50"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C31A02B-0175-4A49-8B2A-63D1F07114C2",
            "versionEndExcluding": "4.14.328",
            "versionStartIncluding": "4.4"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02978144-891F-40EF-83B8-59063740AEF6",
            "versionEndExcluding": "4.19.297",
            "versionStartIncluding": "4.15"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9F46843-24C9-4AC7-B6BB-1EF101D05435",
            "versionEndExcluding": "5.4.259",
            "versionStartIncluding": "4.20"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D886A8D-A6CD-44FA-ACF5-DD260ECA7A1B",
            "versionEndExcluding": "5.10.199",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED031B8B-BFA9-4475-A6D1-1419BDE46E7D",
            "versionEndExcluding": "5.15.137",
            "versionStartIncluding": "5.11"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8DBCAF5-D3B4-4DBB-A86B-26B0A6F7B805",
            "versionEndExcluding": "6.1.60",
            "versionStartIncluding": "5.16"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7530F3AE-8FCB-4E55-B216-62CE4E1CEDA3",
            "versionEndExcluding": "6.5.9",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E7C78D0A-C4A2-4D41-B726-8979E33AD0F9"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E114E9DD-F7E1-40CC-AAD5-F14E586CB2E6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References