ID:10743 - Exploit for Security features bypass in Linux kernel - CVE-2023-1998

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10743 - Exploit for Security features bypass in Linux kernel - CVE-2023-1998

ID:10743 - Exploit for Security features bypass in Linux kernel - CVE-2023-1998

Published: October 25, 2024


Vulnerability identifier: #VU75454
Vulnerability risk: Low
CVE-ID: CVE-2023-1998
CWE-ID: CWE-254
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to incorrect implementation of the Spectre v2 SMT mitigations, related to calling prctl with PR_SET_SPECULATION_CTRL. An attacker can gain unauthorized access to kernel memory from userspace.


Remediation

Install updates from vendor's website.