CVE-2023-21218

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 4, 2023
Updated: Dec 22, 2023

Summary

CVE-2023-21218 is a newly discovered kernel vulnerability in the PMRChangeSparseMemOSMem function of physmem_osmem_linux.c. An incorrect bounds check in this function leads to a possible out-of-bounds write. The flaw enables local privilege escalation in the kernel, and the attacker needs no additional execution privileges to exploit it. User interaction is not required for successful exploitation.
