CVE-2023-41915

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Sep 9, 2023

Updated: Jul 11, 2024

CWE ID 362

Summary

CVE-2023-41915 is a newly disclosed vulnerability affecting OpenPMIx before version 4.2.6 and 5.0.x before 5.0.1. The issue enables attackers to manipulate file ownership through a race condition during the execution of library code with UID 0. Successful exploitation grants the attacker the ability to gain unauthorized access to arbitrary files, posing a significant risk to system security. It is crucial for users to upgrade to the patched versions as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Fedora Operating System
Debian

Affected Vendors

Debian
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/so6Q-Q
https://www.cve.org/CVERecord?id=CVE-2023-41915
https://nvd.nist.gov/vuln/detail/CVE-2023-41915

Back to Vulnerability Database