From 909440d0d9fcaa4cbd15cd3d7fe35e5a965dde97 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Fri, 17 Nov 2023 12:25:48 +0530
Subject: [PATCH] Update and rename CVE-2023-32629.yaml to CVE-2023-2640.yaml
---
 ...CVE-2023-32629.yaml => CVE-2023-2640.yaml} | 29 ++++++++++---------
 1 file changed, 16 insertions(+), 13 deletions(-)
 rename code/cves/2023/{CVE-2023-32629.yaml => CVE-2023-2640.yaml} (83%)
diff --git a/code/cves/2023/CVE-2023-32629.yaml b/code/cves/2023/CVE-2023-2640.yaml
similarity index 83%
rename from code/cves/2023/CVE-2023-32629.yaml
rename to code/cves/2023/CVE-2023-2640.yaml
index 54a9e3e4d4..c1a2b06cb8 100644
--- a/code/cves/2023/CVE-2023-32629.yaml
+++ b/code/cves/2023/CVE-2023-2640.yaml
@@ -1,4 +1,4 @@
-id: CVE-2023-32629
+id: CVE-2023-2640
 info:
 name: GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel
@@ -6,26 +6,30 @@ info:
 severity: high
 description: |
 A local privilege escalation vulnerability has been discovered in the OverlayFS module of the Ubuntu kernel. This vulnerability could allow an attacker with local access to escalate their privileges, potentially gaining root-like access to the system.
- reference:
- - http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629
- - https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html
- - https://ubuntu.com/security/notices/USN-6250-1
+ impact: |
+ An attacker with local access can gain elevated privileges on the affected system.
 remediation: |
 Apply the latest security patches and updates provided by Ubuntu to fix the vulnerability.
+ reference:
+ - http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
+ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2640
+ - https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability
+ - https://ubuntu.com/security/notices/USN-6250-1
+ - https://lists.ubuntu.com/archives/kernel-team/2023-July/140923.html
 classification:
 cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 cvss-score: 7.8
- cve-id: CVE-2023-32629
+ cve-id: CVE-2023-2640
 cwe-id: CWE-863
+ epss-score: 0.00047
+ epss-percentile: 0.14754
 cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
- epss-score: 0.00042
 metadata:
- max-request: 2
- product: ubuntu_linux
- vendor: canonical
 verified: true
- tags: cve,cve2023,kernel,ubuntu,linux,privesc,local
+ max-request: 2
+ vendor: canonical
+ product: ubuntu_linux
+ tags: packetstorm,cve,cve2023,kernel,ubuntu,linux,privesc,local
 self-contained: true
 code:
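Review bot: The `description` in the `info:` block is still a generic OverlayFS write-up and never says which of the two GameOver(lay) CVEs this template now reports, so after the rename a finding is labelled CVE-2023-2640 only and anyone tracking CVE-2023-32629 loses the mapping. Consider appending a sentence such as `GameOver(lay) is tracked as two CVEs; this template reports CVE-2023-2640, see also CVE-2023-32629.` The unchanged `cpe` still names only `ubuntu_linux:23.04`, which may be narrower than the affected release set, so it is worth checking against USN-6250-1. The `# digest:` line is dropped in the last hunk, so the file as committed appears to be unsigned; a `code:` template is normally expected to be re-signed before it is run, and that should be confirmed before relying on it for detection. The `info:` block starts above this hunk.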
@@ -50,4 +54,3 @@ code:
 - '!contains(code_1_response, "(root)")'
 - 'contains(code_2_response, "(root)")'
 condition: and
-# digest: 4a0a00473045022100cc36ed65fa01fe534699e2db622f418a3bb9470edd14eca1eba3138a2daebd4802207b1222e3e2dd3f5701821bab6d24e5cb9976223561e411372df8a2be3a71253c:922c64590222798bb761d5b6d8e72950
\ No newline at end of file