CVE-2023-2640

Description

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.

Canonical Ltd.
Severity: HIGH
CVE ID: CVE-2023-2640
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference: NVD, MITRE

Proof Of Concept

OllaPapito

CVE-2023-2640 CVE-2023-32629

Reference: GitHub

luanoliveira350

GameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0

Reference: GitHub

g1vi

GameOver(lay) Ubuntu Privilege Escalation

Reference: GitHub

musorblyat

Reference: GitHub

SanjayRagavendar

Escalating Privilege using CVE-2023-2640 CVE-2023-3262

Reference: GitHub

Nkipohcs

Reference: GitHub

Content on GitHub

ThrynSec | watchers:104

CVE-2023-32629-CVE-2023-2640---POC-Escalation
Ubuntu Privilege Escalation bash one-liner using CVE-2023-32629 & CVE-2023-2640

Reference: GitHub

k4but0 | watchers:2

Ubuntu-LPE
One-Liner CVE-2023-32629/CVE-2023-2640 Ubuntu Privilege Escalation

Reference: GitHub

xS9NTX | watchers:0

CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC
CVE-2023-32629 & CVE-2023-2640 Ubuntu Privilege Escalation POC

Reference: GitHub

druxter-x | watchers:0

PHP-CVE-2023-2023-2640-POC-Escalation

Reference: GitHub

johnlettman | watchers:2

juju-scripts
Scripts for operations in Juju

Reference: GitHub