{"uuid": "fae121e9-0e75-4d33-96ea-7a1fb5253cb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0386", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5528", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-0386\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.\n\ud83d\udccf Published: 2023-03-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T16:05:24.670Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a\n2. https://security.netapp.com/advisory/ntap-20230420-0004/\n3. https://www.debian.org/security/2023/dsa-5402\n4. https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html\n5. http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\n6. https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "creation_timestamp": "2025-02-26T16:24:21.000000Z"}