[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-2640":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":51,"duplicate_of":9,"upstream":52,"downstream":53,"duplicates":72,"related":73,"reserved_at":9,"published_at":74,"modified_at":75,"state":76,"summary":77,"references_raw":85,"kevs":110,"epss":111,"epss_history":114,"metrics":325,"affected":333},"CVE-2023-2640","On Ubuntu kernels carrying both c914c0e27eb0 and \"UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs\", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-863","Incorrect Authorization","The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.","weakness","Incomplete","Class","High",[],[21,30],{"_key":22,"name":23,"source":24,"url":25,"maturity":26,"reliability_score":27,"verified":28,"type":9,"platforms":29,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_EC3364503EC97246","Exploit Reference (wiz.io)","reference","https://wiz.io/blog/ubuntu-overlayfs-vulnerability","unknown",0.2,false,[],{"_key":31,"name":32,"source":33,"url":34,"maturity":35,"reliability_score":36,"verified":28,"type":37,"platforms":38,"requires_auth":28,"exploitdb":9,"metasploit":39},"MSF_EXPLOIT_LINUX_LOCAL_GAMEOVERLAY_PRIVESC","GameOver(lay) Privilege Escalation and Container Escape","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/linux/local/gameoverlay_privesc.rb","poc",0.5,"remote",[],{"fullname":40,"rank":41,"rank_name":42,"post_auth":28,"check":43,"notes":44},"exploit/linux/local/gameoverlay_privesc",300,"normal",true,{"Stability":45,"SideEffects":47,"Reliability":49},[46],"crash-safe",[48],"artifacts-on-disk",[50],"repeatable-session",[],[],[54,56,58,60,62,64,66,68,70],{"_key":55},"USN-8255-1",{"_key":57},"USN-8255-2",{"_key":59},"USN-8255-3",{"_key":61},"USN-8275-1",{"_key":63},"USN-8297-1",{"_key":65},"UBUNTU-CVE-2023-2640",{"_key":67},"USN-6260-1",{"_key":69},"USN-6285-1",{"_key":71},"USN-6248-1",[],[],"2023-07-26T01:59:23.543Z","2024-10-23T14:59:17.779Z","Modified",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":78,"epss_score":79,"severity":80,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":76},"critical",0.9239,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[86,92,98,104],{"url":87,"sources":88,"tags":90},"https://ubuntu.com/security/notices/USN-6250-1",[83,89],"nvd",[91],"Vendor Advisory",{"url":93,"sources":94,"tags":95},"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2640",[83,89],[96,97],"Issue Tracking","Third Party Advisory",{"url":25,"sources":99,"tags":100},[83,89],[101,102,103,97],"Technical Description","Exploit","Mitigation",{"url":105,"sources":106,"tags":107},"https://lists.ubuntu.com/archives/kernel-team/2023-July/140923.html",[83,89],[108,109],"Mailing List","Patch",[],{"date":112,"score":79,"percentile":113},"2026-06-03",0.99742,[115,119,121,124,127,129,131,133,135,137,140,144,146,148,151,155,158,161,164,166,168,170,172,174,176,178,180,182,185,187,189,191,193,195,198,202,205,207,209,211,213,215,217,219,221,224,226,228,230,234,237,239,241,243,246,248,250,252,254,257,259,262,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,306,308,310,313,315,317,319,322],{"date":116,"score":117,"percentile":118},"2025-11-04",0.92037,0.99684,{"date":120,"score":117,"percentile":118},"2025-11-05",{"date":122,"score":117,"percentile":123},"2025-11-06",0.99685,{"date":125,"score":117,"percentile":126},"2025-11-07",0.99682,{"date":128,"score":117,"percentile":126},"2025-11-08",{"date":130,"score":117,"percentile":126},"2025-11-09",{"date":132,"score":117,"percentile":126},"2025-11-10",{"date":134,"score":117,"percentile":126},"2025-11-11",{"date":136,"score":117,"percentile":126},"2025-11-12",{"date":138,"score":117,"percentile":139},"2025-11-13",0.99683,{"date":141,"score":142,"percentile":143},"2025-11-14",0.91874,0.99671,{"date":145,"score":142,"percentile":143},"2025-11-15",{"date":147,"score":142,"percentile":143},"2025-11-16",{"date":149,"score":142,"percentile":150},"2025-11-17",0.99672,{"date":152,"score":153,"percentile":154},"2025-11-18",0.65651,0.985,{"date":156,"score":153,"percentile":157},"2025-11-19",0.98502,{"date":159,"score":153,"percentile":160},"2025-11-20",0.98503,{"date":162,"score":142,"percentile":163},"2025-11-21",0.9967,{"date":165,"score":142,"percentile":163},"2025-11-22",{"date":167,"score":142,"percentile":163},"2025-11-23",{"date":169,"score":142,"percentile":163},"2025-11-24",{"date":171,"score":142,"percentile":150},"2025-11-25",{"date":173,"score":142,"percentile":143},"2025-11-26",{"date":175,"score":142,"percentile":150},"2025-11-27",{"date":177,"score":142,"percentile":150},"2025-11-28",{"date":179,"score":142,"percentile":150},"2025-11-29",{"date":181,"score":142,"percentile":150},"2025-11-30",{"date":183,"score":142,"percentile":184},"2025-12-01",0.9968,{"date":186,"score":142,"percentile":184},"2025-12-02",{"date":188,"score":142,"percentile":184},"2025-12-03",{"date":190,"score":142,"percentile":150},"2025-12-04",{"date":192,"score":142,"percentile":150},"2025-12-05",{"date":194,"score":142,"percentile":150},"2025-12-06",{"date":196,"score":142,"percentile":197},"2025-12-07",0.99673,{"date":199,"score":200,"percentile":201},"2025-12-08",0.91742,0.99662,{"date":203,"score":200,"percentile":204},"2025-12-09",0.99663,{"date":206,"score":200,"percentile":204},"2025-12-10",{"date":208,"score":200,"percentile":204},"2025-12-11",{"date":210,"score":200,"percentile":204},"2025-12-12",{"date":212,"score":200,"percentile":201},"2025-12-13",{"date":214,"score":200,"percentile":201},"2025-12-14",{"date":216,"score":200,"percentile":201},"2025-12-15",{"date":218,"score":200,"percentile":204},"2025-12-16",{"date":220,"score":200,"percentile":204},"2025-12-17",{"date":222,"score":200,"percentile":223},"2025-12-18",0.99664,{"date":225,"score":200,"percentile":223},"2025-12-19",{"date":227,"score":200,"percentile":204},"2025-12-20",{"date":229,"score":200,"percentile":204},"2025-12-21",{"date":231,"score":232,"percentile":233},"2025-12-22",0.91622,0.99657,{"date":235,"score":232,"percentile":236},"2025-12-23",0.99656,{"date":238,"score":232,"percentile":236},"2025-12-24",{"date":240,"score":232,"percentile":236},"2025-12-25",{"date":242,"score":232,"percentile":233},"2025-12-26",{"date":244,"score":232,"percentile":245},"2025-12-27",0.99658,{"date":247,"score":232,"percentile":233},"2025-12-28",{"date":249,"score":232,"percentile":233},"2025-12-29",{"date":251,"score":232,"percentile":233},"2025-12-30",{"date":253,"score":232,"percentile":245},"2025-12-31",{"date":255,"score":232,"percentile":256},"2026-01-01",0.99665,{"date":258,"score":232,"percentile":256},"2026-01-02",{"date":260,"score":232,"percentile":261},"2026-01-03",0.99666,{"date":263,"score":232,"percentile":264},"2026-01-04",0.99659,{"date":266,"score":232,"percentile":264},"2026-01-05",{"date":268,"score":232,"percentile":264},"2026-01-06",{"date":270,"score":232,"percentile":264},"2026-01-07",{"date":272,"score":232,"percentile":264},"2026-01-08",{"date":274,"score":232,"percentile":264},"2026-01-09",{"date":276,"score":232,"percentile":264},"2026-01-10",{"date":278,"score":232,"percentile":245},"2026-01-11",{"date":280,"score":232,"percentile":264},"2026-01-12",{"date":282,"score":232,"percentile":264},"2026-01-13",{"date":284,"score":232,"percentile":264},"2026-01-14",{"date":286,"score":232,"percentile":264},"2026-01-15",{"date":288,"score":232,"percentile":264},"2026-01-16",{"date":290,"score":232,"percentile":264},"2026-01-17",{"date":292,"score":200,"percentile":256},"2026-01-18",{"date":294,"score":200,"percentile":256},"2026-01-19",{"date":296,"score":200,"percentile":256},"2026-01-20",{"date":298,"score":200,"percentile":256},"2026-01-21",{"date":300,"score":200,"percentile":261},"2026-01-22",{"date":302,"score":200,"percentile":261},"2026-01-23",{"date":304,"score":200,"percentile":305},"2026-01-24",0.99667,{"date":307,"score":200,"percentile":305},"2026-01-25",{"date":309,"score":200,"percentile":305},"2026-01-26",{"date":311,"score":200,"percentile":312},"2026-01-27",0.99668,{"date":314,"score":200,"percentile":312},"2026-01-28",{"date":316,"score":200,"percentile":312},"2026-01-29",{"date":318,"score":200,"percentile":312},"2026-01-30",{"date":320,"score":200,"percentile":321},"2026-01-31",0.99669,{"date":323,"score":200,"percentile":324},"2026-02-01",0.99676,[326,331],{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":327,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":328,"vectorString":84,"impactScore":329,"exploitabilityScore":330},"HIGH",9.8,4.6,{"source":89,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":332,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":328,"vectorString":84,"impactScore":329,"exploitabilityScore":330},[334],{"ecosystem":9,"name":335,"vendor":336,"product":337,"cpe_part":338,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":339},"ubuntu linux","canonical","ubuntu_linux","o",[340],{"version":341,"is_range":28,"range_type":342,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"23.04","cpe"]