An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-04T18:03:02.966Z
Updated: 2024-09-16T11:04:09.589Z
Reserved: 2023-07-25T16:01:14.836Z
Link: CVE-2023-39191
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-10-04T19:15:10.210
Modified: 2024-08-21T18:16:34.433
Link: CVE-2023-39191
Redhat