The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw affecting the Linux kernel to its Known Exploited Vulnerabilities (KEV) catalog, stating that it is actively exploited in the wild.
The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that can be used to escalate privileges on susceptible systems. It was patched in early 2023.
“The Linux kernel contains an improper rights management vulnerability, where unauthorized access to the setuid file with capabilities was found in the Linux kernel subsystem in how the user copies the file from a nosuid mount to another mount,” the agency said.
“This UID mapping error allows a local user to escalate their privileges on the system.”
It is currently unknown how the flaw is being exploited in the wild. In a report published in May 2023, Datadog stated that the vulnerability is trivial to exploit and that it works by tricking the kernel into creating a SUID binary owned by root in a folder like “/tmp” and executing it.
“CVE-2023-0386 lies in the fact that when the kernel copied a file from the file system to the 'upper' directory, it did not check whether the user/group owning this file was mapped in the current user namespace,” the company noted.
“This allows an unauthorized user to smuggle a SUID binary from a 'lower' directory to the 'upper' directory, using OverlayFS as an intermediary.”
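The ownership check that Datadog describes as missing can be modelled in user space. The following is an added example, not kernel code and not taken from Datadog's report: it parses map text in the `/proc/<pid>/uid_map` format and refuses a copy-up when the file's owner has no mapping. The names `id_extent`, `parse_id_map`, `id_has_mapping`, `copy_up_allowed` and `SAMPLE_MAP` are hypothetical, and the maps are assumed to be read from the initial user namespace, so the second column holds host IDs.

```c
#include <stdbool.h>
#include <stdio.h>

/* One line of a uid_map/gid_map file: "<id inside ns> <id outside ns> <count>". */
struct id_extent { unsigned long inside, outside, count; };

/* Parse map text into extents; returns how many lines were parsed. */
static int parse_id_map(const char *text, struct id_extent *out, int max)
{
    int n = 0, used = 0;
    while (n < max && sscanf(text, "%lu %lu %lu%n", &out[n].inside,
                             &out[n].outside, &out[n].count, &used) == 3) {
        text += used;
        n++;
    }
    return n;
}

/* True if the outside (host) id is covered by one of the extents. */
static bool id_has_mapping(const struct id_extent *map, int n, unsigned long id)
{
    for (int i = 0; i < n; i++)
        if (id >= map[i].outside && id - map[i].outside < map[i].count)
            return true;
    return false;
}

/* Copy-up is acceptable only if the file's owner uid AND gid are both mapped. */
bool copy_up_allowed(const char *uid_map, const char *gid_map,
                     unsigned long owner_uid, unsigned long owner_gid)
{
    struct id_extent u[8], g[8];
    int nu = parse_id_map(uid_map, u, 8), ng = parse_id_map(gid_map, g, 8);
    return id_has_mapping(u, nu, owner_uid) && id_has_mapping(g, ng, owner_gid);
}

/* Constructed sample: a namespace created by host uid/gid 1000, seen as 0 inside. */
static const char SAMPLE_MAP[] = "         0       1000          1\n";

int main(void)
{
    /* Lower-layer SUID file owned by host root: root has no mapping -> refuse. */
    printf("root-owned file: %s\n",
           copy_up_allowed(SAMPLE_MAP, SAMPLE_MAP, 0, 0) ? "allow" : "refuse");
    /* File owned by the namespace creator: mapped -> allow. */
    printf("user-owned file: %s\n",
           copy_up_allowed(SAMPLE_MAP, SAMPLE_MAP, 1000, 1000) ? "allow" : "refuse");
    return 0;
}
```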
Later that same year, cloud security firm Wiz detailed two security vulnerabilities dubbed GameOver(lay) (CVE-2013-32629 and CVE-2013-2640) affecting UNIX systems that led to consequences similar to those of CVE-2023-0386.
“These flaws allow the creation of specialized executables, which, upon execution, grant the ability to escalate privileges to root on the affected machine,” Wiz researchers said.
Federal Civilian Executive Branch (FCEB) agencies should apply the necessary patches by July 8, 2025, to secure their networks against active threats.