Update and rename CVE-2023-32629.yaml to CVE-2023-2640.yaml

patch-1
Prince Chaddha 2023-11-17 12:25:48 +05:30 committed by GitHub
parent a97ab5cd92
commit 909440d0d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 13 deletions

@ -1,4 +1,4 @@
id: CVE-2023-32629 id: CVE-2023-2640
info: info:
name: GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel name: GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel
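Review bot: The `id:` line changes to CVE-2023-2640 while the `name:` line stays "GameOver(lay) - Local Privilege Escalation in Ubuntu Kernel", and the file is renamed rather than copied, so no template with id CVE-2023-32629 is left after this commit. If both CVEs are meant to be covered, keep a separate CVE-2023-32629 template and put the CVE id in each name so results can be told apart; if this is purely a relabel, the commit message should say why the original id was wrong.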
@ -6,26 +6,30 @@ info:
severity: high severity: high
description: | description: |
A local privilege escalation vulnerability has been discovered in the OverlayFS module of the Ubuntu kernel. This vulnerability could allow an attacker with local access to escalate their privileges, potentially gaining root-like access to the system. A local privilege escalation vulnerability has been discovered in the OverlayFS module of the Ubuntu kernel. This vulnerability could allow an attacker with local access to escalate their privileges, potentially gaining root-like access to the system.
reference: impact: |
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html An attacker with local access can gain elevated privileges on the affected system.
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32629
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140920.html
- https://ubuntu.com/security/notices/USN-6250-1
remediation: | remediation: |
Apply the latest security patches and updates provided by Ubuntu to fix the vulnerability. Apply the latest security patches and updates provided by Ubuntu to fix the vulnerability.
reference:
- http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2640
- https://www.wiz.io/blog/ubuntu-overlayfs-vulnerability
- https://ubuntu.com/security/notices/USN-6250-1
- https://lists.ubuntu.com/archives/kernel-team/2023-July/140923.html
classification: classification:
cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 7.8 cvss-score: 7.8
cve-id: CVE-2023-32629 cve-id: CVE-2023-2640
cwe-id: CWE-863 cwe-id: CWE-863
epss-score: 0.00047
epss-percentile: 0.14754
cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:* cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
epss-score: 0.00042
metadata: metadata:
max-request: 2
product: ubuntu_linux
vendor: canonical
verified: true verified: true
tags: cve,cve2023,kernel,ubuntu,linux,privesc,local max-request: 2
vendor: canonical
product: ubuntu_linux
tags: packetstorm,cve,cve2023,kernel,ubuntu,linux,privesc,local
self-contained: true self-contained: true
code: code:
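Review bot: In the classification block, `cvss-metrics`, `cvss-score`, `cwe-id` and `cpe` are carried over unchanged from the CVE-2023-32629 version while only `cve-id` changes, so each should be checked against the CVE-2023-2640 record rather than assumed identical. The same goes for the retained packetstorm LSN-0097-1 and USN-6250-1 references and for the unchanged description, which does not say which of the two OverlayFS flaws this template reports. The metadata reordering (`max-request`, `vendor`, `product`) changes no values and could be dropped to keep the diff to the lines that matter.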
@ -50,4 +54,3 @@ code:
- '!contains(code_1_response, "(root)")' - '!contains(code_1_response, "(root)")'
- 'contains(code_2_response, "(root)")' - 'contains(code_2_response, "(root)")'
condition: and condition: and
# digest: 4a0a00473045022100cc36ed65fa01fe534699e2db622f418a3bb9470edd14eca1eba3138a2daebd4802207b1222e3e2dd3f5701821bab6d24e5cb9976223561e411372df8a2be3a71253c:922c64590222798bb761d5b6d8e72950
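Review bot: The trailing `# digest:` line is removed and nothing replaces it (the hunk goes from 4 lines to 3), which leaves a template with a `code:` section unsigned. The old digest would not match the edited file anyway, so re-sign the template after the final edits and commit the new digest, or confirm that the signing step runs after merge. The two matchers on `code_1_response` and `code_2_response` are untouched, so detection behaviour is the same as before under the new id.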