Update and rename CVE-2023-32629.yaml to CVE-2023-2640.yaml

patch-1
Prince Chaddha 2023-11-17 12:25:48 +05:30 committed by GitHub
parent a97ab5cd92
commit 909440d0d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 13 deletions

@ -1,4 +1,4 @@
id: CVE-2023-32629
id: CVE-2023-2640
info:
name: GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel
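Review bot: the `id:` line switches from CVE-2023-32629 to CVE-2023-2640 while `name:` stays "GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel", and after this change nothing in the template mentions the old identifier (the next hunk also drops its cve.mitre.org reference). If the check is still meant to cover what was filed under CVE-2023-32629, name that CVE in the description or keep its reference, so a search for the old id still finds this template. If it is not, say in the commit message why the id was wrong.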
@ -6,26 +6,30 @@ info:
severity: high
description: |
A local privilege escalation vulnerability has been discovered in the OverlayFS module of the Ubuntu kernel. This vulnerability could allow an attacker with local access to escalate their privileges, potentially gaining root-like access to the system.
reference:
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html
- https://ubuntu.com/security/notices/USN-6250-1
impact: |
An attacker with local access can gain elevated privileges on the affected system.
remediation: |
Apply the latest security patches and updates provided by Ubuntu to fix the vulnerability.
reference:
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2640
- https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability
- https://ubuntu.com/security/notices/USN-6250-1
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140923.html
classification:
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 7.8
cve-id: CVE-2023-32629
cve-id: CVE-2023-2640
cwe-id: CWE-863
epss-score: 0.00047
epss-percentile: 0.14754
cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
epss-score: 0.00042
metadata:
max-request: 2
product: ubuntu_linux
vendor: canonical
verified: true
tags: cve,cve2023,kernel,ubuntu,linux,privesc,local
max-request: 2
vendor: canonical
product: ubuntu_linux
tags: packetstorm,cve,cve2023,kernel,ubuntu,linux,privesc,local
self-contained: true
code:
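Review bot: the `classification:` block lists `epss-score` twice, as 0.00047 and as 0.00042. The line counts in the hunk header (-6,26 +6,30) only add up if the 0.00042 line is unchanged context, which would leave the new file with a duplicate YAML key and an ambiguous score. Keep one `epss-score` line, the one that belongs with `epss-percentile: 0.14754`. Two smaller points in the same hunk: the first `reference:` entry is still a plain `http://` packetstormsecurity.com link, and the `cpe:` pins only `ubuntu_linux:23.04`, which is worth confirming against the affected releases in USN-6250-1.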
@ -50,4 +54,3 @@ code:
- '!contains(code_1_response, "(root)")'
- 'contains(code_2_response, "(root)")'
condition: and
# digest: 4a0a00473045022100cc36ed65fa01fe534699e2db622f418a3bb9470edd14eca1eba3138a2daebd4802207b1222e3e2dd3f5701821bab6d24e5cb9976223561e411372df8a2be3a71253c:922c64590222798bb761d5b6d8e72950
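Review bot: the `# digest:` line at the end of the file was computed over the template as it stood before this commit, and the `id`, `reference`, `classification` and `tags` fields all change here, so that signature no longer matches the content. This is a `code:` template with `self-contained: true`, so it should be re-signed after the edit rather than shipped with a stale or missing digest. The hunk header (-50,4 +54,3) shows the file getting one line shorter at this point, which suggests the trailer was touched by hand.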