{"vulnerability": "CVE-2023-0179", "sightings": [{"uuid": "14110b2d-48ce-445e-a978-11e72d8a2c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2317", "content": "#exploit\n1. CVE-2023-0179:\nLinux kernel stack buffer overflow in nftables\nhttps://seclists.org/oss-sec/2023/q1/20\n\n2. Security Audit of Git:\nCVE-2022-23521:\nTruncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes\nCVE-2022-41903: \nOut of Bounds Memory Write in Log Formatting\nhttps://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif", "creation_timestamp": "2023-01-19T15:21:31.000000Z"}, {"uuid": "f97c2aa0-b2f7-4d38-97b8-9b6b9c40ef95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7572", "content": "#exploit\n1. CVE-2023-0179:\nLinux kernel stack buffer overflow in nftables\nhttps://seclists.org/oss-sec/2023/q1/20\n]-&gt; https://github.com/TurtleARM/CVE-2023-0179-PoC\n\n2. Security Audit of Git:\nCVE-2022-23521:\nTruncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes\nCVE-2022-41903: \nOut of Bounds Memory Write in Log Formatting\nhttps://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif", "creation_timestamp": "2023-01-22T13:04:27.000000Z"}, {"uuid": "3a3cdf31-7161-47c2-acd2-b71b8f9ed13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "seen", "source": "MISP/82bf8dd1-8125-4774-8bfc-0e7a3ac7a721", "content": "", "creation_timestamp": "2023-01-30T13:14:24.000000Z"}, {"uuid": "7346f258-b56b-4f6f-acc0-eba0624964a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/cKure/12961", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Needle (CVE-2023-0179) exploit (PoC)\n\nhttps://github.com/TurtleARM/CVE-2023-0179-PoC", "creation_timestamp": "2024-05-23T21:57:31.000000Z"}, {"uuid": "6b403337-0de3-4e76-b460-b16b6dbafb37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-01795", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3952", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u9488\u5bf9\uff08CVE-2023-0179\uff09\u6f0f\u6d1e\u5229\u7528  \u8be5\u6f0f\u6d1e\u88ab\u5206\u914d\u4e3aCVE-2023-0179\uff0c\u5f71\u54cd\u4e86\u4ece5.5\u52306.2-rc3\u7684\u6240\u6709Linux\u7248\u672c\uff0c\u5c3d\u7ba1\u8be5\u5229\u7528\u57286.1.6\u4e0a\u88ab\u6d4b\u8bd5\u3002  \u6f0f\u6d1e\u7684\u7ec6\u8282\u548c\u6587\u7ae0\u53ef\u4ee5\u5728os-security\u4e0a\u627e\u5230\u3002\nURL\uff1ahttps://github.com/H4K6/CVE-2023-0179-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-16T02:32:41.000000Z"}, {"uuid": "a55e82da-983d-407a-90fe-744f288cc0fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3952", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1a\u9488\u5bf9\uff08CVE-2023-0179\uff09\u6f0f\u6d1e\u5229\u7528  \u8be5\u6f0f\u6d1e\u88ab\u5206\u914d\u4e3aCVE-2023-0179\uff0c\u5f71\u54cd\u4e86\u4ece5.5\u52306.2-rc3\u7684\u6240\u6709Linux\u7248\u672c\uff0c\u5c3d\u7ba1\u8be5\u5229\u7528\u57286.1.6\u4e0a\u88ab\u6d4b\u8bd5\u3002  \u6f0f\u6d1e\u7684\u7ec6\u8282\u548c\u6587\u7ae0\u53ef\u4ee5\u5728os-security\u4e0a\u627e\u5230\u3002\nURL\uff1ahttps://github.com/H4K6/CVE-2023-0179-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-16T02:32:41.000000Z"}, {"uuid": "fbc3832b-c5a0-47db-a4ea-8ecc86066c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "seen", "source": "https://t.me/cvedetector/21320", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-53033 - \"Netfilter VLAN Header Arithmetic Overflow Vulnerability in Linux\"\", \n  \"Content\": \"CVE ID : CVE-2023-53033 \nPublished : March 27, 2025, 5:15 p.m. | 27\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnetfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits  \n  \nIf the offset + length goes over the ethernet + vlan header, then the  \nlength is adjusted to copy the bytes that are within the boundaries of  \nthe vlan_ethhdr scratchpad area. The remaining bytes beyond ethernet +  \nvlan header are copied directly from the skbuff data area.  \n  \nFix incorrect arithmetic operator: subtract, not add, the size of the  \nvlan header in case of double-tagged packets to adjust the length  \naccordingly to address CVE-2023-0179. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T19:09:51.000000Z"}, {"uuid": "5c83a043-f415-4307-b93e-8a605b5a08f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3154", "content": "Hackers Factory \n\nA COFF loader made in Rust\n\nhttps://github.com/hakaioffsec/coffee\n\nA simple script just made for self use for bypassing 403\n\nhttps://github.com/iamj0ker/bypass-403\n\n403/401 Bypass Methods + Bash Automation + Your Support ;)\n\nhttps://github.com/Dheerajmadhukar/4-ZERO-3\n\nCommon methods to found API endpoints\n\n1- Swagger UI Documentation\n2- Dictionary Attack | Brute force\n3- Common wordlist for API Enum :\nwordlists.assetnote.io\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\n#bugbountytips #BugBounty\n\nLinux Security and Monitoring Scripts\n\nhttps://github.com/sqall01/LSMS\n\nAn OSINT tool that helps detect members of a company with leaked credentials\n\nhttps://github.com/infobyte/emploleaks\n\nDFIQ is a collection of investigative questions and the approaches for answering them\n\nhttps://github.com/google/dfiq\n\nHunts out CobaltStrike beacons and logs operator command output\n\nhttps://github.com/CCob/BeaconEye\n\nA POC of the ContainYourself research presented in DEF CON 31, which abuses the Windows containers framework to bypass EDRs.\n\nhttps://github.com/deepinstinct/ContainYourself\n\nNeedle (CVE-2023-0179) exploit\n\nhttps://github.com/TurtleARM/CVE-2023-0179-PoC\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-15T00:23:05.000000Z"}, {"uuid": "8fa994ba-c490-4edd-896c-d2b07d07fc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1316", "content": "CVE-2023-0179 PoC\n\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f  \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Nftables,  \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Linux \u043e\u0442 5.5 \u0434\u043e 6.2-rc3, \u0445\u043e\u0442\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0441\u044f \u043d\u0430 \u0441\u0432\u0435\u0436\u0435\u043c \u044f\u0434\u0440\u0435 6.1.6\n\u041f\u043e\u043d\u044f\u0442\u044c \u0433\u043b\u0443\u0431\u0438\u043d\u0443\n\n#linux #kernel #lpe #nftables", "creation_timestamp": "2023-01-21T14:30:01.000000Z"}, {"uuid": "7885a1fa-b2af-41cb-a6ba-ff2bd3dad1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "Telegram/Aw9IuqN9de1MvXGlHHxdFwUz3jPUwXOcd5_jwW1OR-5PFnc", "content": "", "creation_timestamp": "2023-03-02T18:55:20.000000Z"}, {"uuid": "071dd24d-900b-4c2e-ae76-71ec2128960b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "Telegram/EmGgqq5jv6w96mpOJh4Urd3TH_8ZK2VC2bXBuFixF0HNu2E", "content": "", "creation_timestamp": "2023-02-12T05:15:06.000000Z"}, {"uuid": "6f0e5c8b-5791-41ee-9202-bd7284110b33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2358", "content": "Linux kernel stack buffer overflow in nftables(CVE-2023-0179)\nThe vulnerability consists of a stack BOF due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.\n\n\u26a0\ufe0fThe exploitation could allow the leakage of both stack and heap addresses and, potentially, a LPE to the root user via arbitrary code execution.\n\nExploit: https://system32.ink/news-feed/p/162/", "creation_timestamp": "2023-01-21T14:20:39.000000Z"}, {"uuid": "226771a1-d482-4a66-9eaf-d1fca5ec6036", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "seen", "source": "https://t.me/cibsecurity/60850", "content": "\u203c CVE-2023-0179 \u203c\n\nA buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T02:26:20.000000Z"}, {"uuid": "2ce7ae57-ff90-4820-bdf3-b77382646a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/426", "content": "\ud83d\udd25Needle (CVE-2023-0179) exploit", "creation_timestamp": "2023-02-03T10:11:03.000000Z"}, {"uuid": "9ddb6be3-b776-4ffd-986e-314efc018c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/23", "content": "https://github.com/TurtleARM/CVE-2023-0179-PoC", "creation_timestamp": "2023-01-30T16:19:52.000000Z"}, {"uuid": "260b2e9d-66c8-445e-9d1b-e748cc2e0edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/39", "content": "https://github.com/TurtleARM/CVE-2023-0179-PoC", "creation_timestamp": "2023-03-15T05:56:23.000000Z"}, {"uuid": "35fcabf6-1ff3-4b32-84b0-6719cee99ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/239", "content": "Top Security News for 17/01/2023\n\nAccountant ordered to pay ex-employer after bossware shows \"time theft\"\nhttps://www.malwarebytes.com/blog/news/2023/01/accountant-ordered-to-pay-ex-employer-after-bossware-shows-time-theft \n\nT95 Android TV Box sold on Amazon hides sophisticated malware\nhttps://securityaffairs.com/140866/security/t95-android-tv-box-malware.html \n\nFighting technology's gender gap with TracketPacer: Lock and Code S04E02\nhttps://www.malwarebytes.com/blog/podcast/2023/01/fighting-technologys-gender-gap-with-tracketpacer \n\n[CVE-2023-0179] Linux kernel stack buffer overflow in nftables: PoC and writeup\nhttps://www.reddit.com/r/netsec/comments/10d98w1/cve20230179_linux_kernel_stack_buffer_overflow_in/ \n\nNew Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild\nhttps://thehackernews.com/2023/01/new-backdoor-created-using-leaked-cias.html \n\nISC Stormcast For Tuesday, January 17th, 2023 https://isc.sans.edu/podcastdetail.html?id=8328, (Tue, Jan 17th)\nhttps://isc.sans.edu/diary/rss/29440 \n\nUnauthenticated Configuration Export in Multiple WAGO Products\nhttps://www.reddit.com/r/netsec/comments/10dblrc/unauthenticated_configuration_export_in_multiple/ \n\nAvast researchers released a free BianLian ransomware decryptor for some variants of the malware\nhttps://securityaffairs.com/140892/malware/free-bianlian-ransomware-decryptor.html \n\n\"Untraceable\" surveillance firm sued for scraping Facebook and Instagram data\nhttps://www.malwarebytes.com/blog/news/2023/01/untraceable-surveillance-firm-sued-for-scraping-facebook-and-instagram-data \n\nThe misadventures of SPF: Delivering SPF authenticated emails on behalf of the Ukrainian MoD, MIT and 1000+ others.\nhttps://www.reddit.com/r/netsec/comments/10e4rk9/the_misadventures_of_spf_delivering_spf/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-07-21T09:18:21.000000Z"}, {"uuid": "1d717b03-b7f3-4b02-8296-50635dadc52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "Telegram/W1iQQEumq01scs0kkwOzxnkyTpTQqxR18aFE0Ghk4_eJYa8", "content": "", "creation_timestamp": "2024-04-02T20:37:29.000000Z"}, {"uuid": "d9aeb7dd-c1f0-4b63-8983-ff62b8023e35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/14405", "content": "", "creation_timestamp": "2024-04-02T20:37:31.000000Z"}, {"uuid": "fe07d612-419b-4084-afc7-969d0957f63b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "Telegram/jIWEy7CiWxkuOKutCTy23NsFwNh86LuDziVriTAlQIvYbCg", "content": "", "creation_timestamp": "2023-02-08T18:35:19.000000Z"}, {"uuid": "86de3f1a-4db3-4bfc-94b7-adeea3cde4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/927", "content": "Bug 2161713 (CVE-2023-0179) - CVE-2023-0179 Linux kernel : Netfilter integer overflow vulnerability in nft_payload_copy_vlan \nDepends On: 2161722 \u26a1\ufe0f 2161723 \u26a1\ufe0f 2161724 \u26a1\ufe0f 2161725 \u26a1\ufe0f 2161726 \u26a1\ufe0f 2161727 \u26a1\ufe0f 2161728 \u26a1\ufe0f 2161729 \u26a1\ufe0f 2161730 \u26a1\ufe0f 2161746 \u26a1\ufe0f 2161747 \u26a1\ufe0f2170098\nBlocks :  2159917\nLink : https://bugzilla.redhat.com/show_bug.cgi?id=2161713\nPOC : https://github.com/TurtleARM/CVE-2023-0179-PoC\nPOC : https://github.com/H4K6/CVE-2023-0179-PoC", "creation_timestamp": "2023-12-28T10:22:35.000000Z"}, {"uuid": "3bb874f2-7a98-4caf-8c1c-79de7dcb4b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/codebreaker01/5174", "content": "", "creation_timestamp": "2023-03-10T20:16:06.000000Z"}, {"uuid": "5b9e46f7-f614-488f-a97d-c55a30b03745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2505", "content": "Needle (CVE-2023-0179) exploit\n\nDownload:- https://system32.ink/news-feed/p/215/", "creation_timestamp": "2023-02-03T09:36:26.000000Z"}, {"uuid": "fd4a9f3e-dd74-41d1-8bb0-783ce3ddc3a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0179", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/877", "content": "https://github.com/TurtleARM/CVE-2023-0179-PoC\n#github", "creation_timestamp": "2023-08-15T03:59:15.000000Z"}]}