CVE-2023-2163

Summary

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux Kernel0 < 5.4unaffected
LinuxLinux Kernel0 < 71b547f561247897a0a14f3082730156c0533fedaffected

Weaknesses

  • CWE-682: CWE-682 Incorrect Calculation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References