CVE-2023-2163

Advisory lineage: Upstream: 0, Downstream: 63
Status: Modified
Published: 20 Sept 2023, 05:02
Last modified: 27 Feb 2025, 20:49

Vulnerability Summary

Overall Risk (default): high, 70/100
CVSS Score: 10 CRITICAL, v3.1 (cve.org)
EPSS Score: 0.2% LOW (change +0.03%)
KEV: Not listed
Ransomware: No reports
Public exploits: None found
Dark Web: Not detected

Timeline

20 Sept 2023, 05:02: Published (vulnerability first disclosed)
27 Feb 2025, 20:49: Last modified (vulnerability information updated)

Description

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

CVSS Metrics

  • v3.1, CRITICAL, score 10 (cve.org): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  • v3.1, HIGH, score 8.8: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

The two vectors disagree on attack vector and privileges (AV:N/PR:N versus AV:L/PR:L). The description, a BPF verifier bug used for privilege escalation and container escape, implies an attacker who can already load BPF programs on the host, which the local, low-privilege vector reflects; treat the 10.0 score as an upper bound rather than as a claim of remote reachability.

EPSS Trends

Current EPSS score: 0.20% Percentile: 42%

Techniques & Countermeasures

  • CWE-682: Incorrect Calculation

    The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

Affected Systems

  • linux:linux_kernel (CPE vendor:product)

    Affected ranges (lower bound inclusive, upper bound exclusive):
    < 71b547f561247897a0a14f3082730156c0533fed (git range: trees without this commit)
    ≥ 5.3, < 5.4.242
    ≥ 5.5, < 5.10.179
    ≥ 5.11, < 5.15.109
    ≥ 5.16, < 6.1.26
    ≥ 6.2, < 6.2.13
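As an added check that is not part of this advisory page (editor's example, not the page's or the kernel project's code): a Python screen that compares a kernel release string against the version ranges listed above. It encodes the ranges exactly as listed, so its lower bound is 5.3 even though the description says >= 5.4, and it reports a version outside every range as "outside the listed ranges" rather than as fixed, because distribution kernels backport fixes without changing the upstream version number. The git range (< 71b547f5...) cannot be evaluated from a version string and is left out. The read of kernel.unprivileged_bpf_disabled is an assumption added here as general BPF hardening context (0 means unprivileged users may load BPF programs, 1 or 2 disables that); the page itself says nothing about that sysctl.

```python
"""Screen a kernel release against the CVE-2023-2163 version ranges listed
under "Affected Systems", and report whether unprivileged BPF is reachable.
Editor's example, not from the advisory; the sysctl check is general BPF
hardening knowledge, not something the page states."""
import platform
import re
from typing import List, Optional, Tuple

# Version ranges exactly as the page lists them: lower bound inclusive,
# upper bound exclusive. The page's git range ("< 71b547f5...") cannot be
# evaluated from a version number and is deliberately left out.
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("5.3", "5.4.242"),
    ("5.5", "5.10.179"),
    ("5.11", "5.15.109"),
    ("5.16", "6.1.26"),
    ("6.2", "6.2.13"),
]

# Assumed sysctl path; 0 = unprivileged BPF allowed, 1 or 2 = disabled.
UNPRIV_BPF_SYSCTL = "/proc/sys/kernel/unprivileged_bpf_disabled"


def parse_version(release: str) -> Tuple[int, ...]:
    """Map '5.15.0-91-generic', '6.1.26' or '5.3' to a comparable int tuple.

    Only the leading dotted-numeric prefix counts; distro suffixes such as
    '-91-generic' or '.el9.x86_64' are ignored. Short versions are padded so
    that '5.3' compares as (5, 3, 0).
    """
    m = re.match(r"^(\d+(?:\.\d+)*)", release.strip())
    if not m:
        raise ValueError(f"not a kernel version string: {release!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def matching_range(release: str) -> Optional[Tuple[str, str]]:
    """Return the listed (low, high) range containing `release`, else None."""
    v = parse_version(release)
    for low, high in AFFECTED_RANGES:
        if parse_version(low) <= v < parse_version(high):
            return (low, high)
    return None


def read_unprivileged_bpf_disabled(path: str = UNPRIV_BPF_SYSCTL) -> Optional[int]:
    """Read the sysctl value, or None when it cannot be read (non-Linux, no /proc)."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def assess(release: str, unpriv_bpf_disabled: Optional[int]) -> str:
    """Combine the version screen with the sysctl state into a one-line verdict.

    A release outside every listed range is reported as such, not as "fixed":
    distribution kernels routinely backport fixes without changing the
    upstream version number, so the version check is only a first pass.
    """
    rng = matching_range(release)
    if rng is None:
        return (f"{release}: outside the listed ranges "
                "(not proof of a fix; distro kernels backport patches)")
    low, high = rng
    verdict = f"{release}: in listed range >= {low}, < {high}"
    if unpriv_bpf_disabled in (1, 2):
        return verdict + "; unprivileged BPF disabled, exposure reduced"
    if unpriv_bpf_disabled == 0:
        return verdict + "; unprivileged BPF allowed, patch or restrict BPF"
    return verdict + "; unprivileged_bpf_disabled state unknown"


if __name__ == "__main__":
    # On a Linux host: screen the running kernel and the live sysctl value.
    print(assess(platform.release(), read_unprivileged_bpf_disabled()))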

References (2)