info@thehackernews.com (The Hacker News)
2025-06-18 02:43:00
thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively exploited in the wild.
The vulnerability, CVE-2023-0386 (CVSS score: 7.8), is an improper ownership bug in the Linux kernel that could be exploited to escalate privileges on susceptible systems. It was patched in early 2023.
“Linux kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount,” the agency said.
“This uid mapping bug allows a local user to escalate their privileges on the system.”
It’s currently not known how the security flaw is being exploited in the wild. In a report published in May 2023, Datadog said the vulnerability is trivial to exploit and that it works by tricking the kernel into creating a SUID binary owned by root in a folder like “/tmp” and executing it.
“CVE-2023-0386 lies in the fact that when the kernel copied a file from the overlay file system to the ‘upper’ directory, it did not check if the user/group owning this file was mapped in the current user namespace,” the company said.
“This allows an unprivileged user to smuggle an SUID binary from a ‘lower’ directory to the ‘upper’ directory, by using OverlayFS as an intermediary.”
Later that year, cloud security firm Wiz detailed two security vulnerabilities dubbed GameOver(lay) (CVE-2023-32629 and CVE-2023-2640) affecting Unix systems that led to similar consequences as CVE-2023-0386.
“These flaws allow the creation of specialized executables, which, upon execution, grant the ability to escalate privileges to root on the affected machine,” Wiz researchers said.
Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary patches by July 8, 2025, to secure their networks against active threats.
Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.
Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.
Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!
Help Power Techcratic’s Future – Scan To Support
If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.
As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!
|
BITCOIN
bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge Scan the QR code with your crypto wallet app |
|
DOGECOIN
D64GwvvYQxFXYyan3oQCrmWfidf6T3JpBA Scan the QR code with your crypto wallet app |
|
ETHEREUM
0xe9BC980DF3d985730dA827996B43E4A62CCBAA7a Scan the QR code with your crypto wallet app |
Please read the Privacy and Security Disclaimer on how Techcratic handles your support.
Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.
