{
  "threat_severity" : "Important",
  "public_date" : "2023-01-24T10:00:00Z",
  "bugzilla" : {
    "description" : "kernel: FUSE filesystem low-privileged user privileges escalation",
    "id" : "2159505",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2159505"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.0",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-282",
  "details" : [ "A flaw was found in the Linux kernel's OverlayFS subsystem: when a user copies a setuid file that carries file capabilities from a nosuid mount into another mount, the copied file can be executed with those capabilities without authorization. This uid mapping bug allows a local user to escalate their privileges on the system.", "A flaw was found in the Linux kernel's OverlayFS subsystem: when a user copies a setuid file that carries file capabilities from a nosuid mount into another mount, the copied file can be executed with those capabilities without authorization. This uid mapping bug allows a local user to escalate their privileges on the system." ],
  "statement" : "This vulnerability was first introduced into Red Hat Enterprise Linux starting in version 8.6. Earlier releases are not affected, including Red Hat Enterprise Linux 8.4.",
  "acknowledgement" : "Red Hat would like to thank The D. E. Shaw Group for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-04-04T00:00:00Z",
    "advisory" : "RHSA-2023:1584",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-425.19.2.rt7.230.el8_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-04-04T00:00:00Z",
    "advisory" : "RHSA-2023:1566",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-425.19.2.el8_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-04-05T00:00:00Z",
    "advisory" : "RHSA-2023:1659",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2023-04-04T00:00:00Z",
    "advisory" : "RHSA-2023:1554",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.6",
    "package" : "kernel-0:4.18.0-372.51.1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Extended Update Support",
    "release_date" : "2023-04-05T00:00:00Z",
    "advisory" : "RHSA-2023:1660",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.6",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-04-11T00:00:00Z",
    "advisory" : "RHSA-2023:1703",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.23.1.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-04-11T00:00:00Z",
    "advisory" : "RHSA-2023:1691",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9::nfv",
    "package" : "kernel-rt-0:5.14.0-162.23.1.rt21.186.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-04-10T00:00:00Z",
    "advisory" : "RHSA-2023:1681",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-04-11T00:00:00Z",
    "advisory" : "RHSA-2023:1703",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-162.23.1.el9_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-04-25T00:00:00Z",
    "advisory" : "RHSA-2023:1970",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0",
    "package" : "kernel-0:5.14.0-70.53.1.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-04-25T00:00:00Z",
    "advisory" : "RHSA-2023:1980",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.0::nfv",
    "package" : "kernel-rt-0:5.14.0-70.53.1.rt21.124.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support",
    "release_date" : "2023-04-25T00:00:00Z",
    "advisory" : "RHSA-2023:1984",
    "cpe" : "cpe:/o:redhat:rhel_eus:9.0",
    "package" : "kpatch-patch"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-04-04T00:00:00Z",
    "advisory" : "RHSA-2023:1554",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "kernel-0:4.18.0-372.51.1.el8_6"
  }, {
    "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
    "release_date" : "2023-04-10T00:00:00Z",
    "advisory" : "RHSA-2023:1677",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
    "package" : "redhat-virtualization-host-0:4.5.3-202304051438_8.6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-0386\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0386\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog" ],
  "name" : "CVE-2023-0386",
  "mitigation" : {
    "value" : "To mitigate this issue, prevent the overlay kernel module from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.",
    "lang" : "en:us"
  },
  "csaw" : false
}