{"uuid": "c03b1a2d-17b4-4ed4-bd0e-6a8d7bce9578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4622", "type": "seen", "source": "https://t.me/arpsyndicate/318", "content": "#ExploitObserverAlert\n\nCVE-2023-4622\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-4622. A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.  The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.  We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-11-21T20:15:05.000000Z"}