CVE-2023-0386 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2023-0386?

CVE-2023-0386 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-0386?

Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Netapp H300S Firmware, Netapp H300S, Netapp H500S Firmware, Netapp H500S.

Vulnerability Description

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Debian	Debian Linux	10.0
Netapp	H300S Firmware	-
Netapp	H300S	-
Netapp	H500S Firmware	-
Netapp	H500S	-
Netapp	H700S Firmware	-
Netapp	H700S	-
Netapp	H410S Firmware	-
Netapp	H410S	-
Netapp	H410C Firmware	-
Netapp	H410C	-
Canonical	Ubuntu Linux	18.04
Linux	Linux Kernel	>= 5.11, < 5.15.91

Related Weaknesses (CWE)

CWE-282

References

http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4fBroken LinkMailing ListPatch
https://lists.debian.org/debian-lts-announce/2023/06/msg00008.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20230420-0004/Third Party Advisory
https://www.debian.org/security/2023/dsa-5402Third Party Advisory
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4fBroken LinkMailing ListPatch
https://lists.debian.org/debian-lts-announce/2023/06/msg00008.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.htmlMailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20230420-0004/Third Party Advisory
https://www.debian.org/security/2023/dsa-5402Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-US Government Resource

FAQ

What is CVE-2023-0386?

CVE-2023-0386 is a vulnerability with a CVSS score of 7.8 (HIGH). A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable...

How severe is CVE-2023-0386?

CVE-2023-0386 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-0386?

Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Netapp H300S Firmware, Netapp H300S, Netapp H500S Firmware, Netapp H500S.