CVE-2023-2640
Description
On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.
Severity: HIGH
CVE ID: CVE-2023-2640
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
OllaPapito
CVE-2023-2640 CVE-2023-32629
Refrence: GitHub
luanoliveira350
GameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0
Refrence: GitHub
g1vi
GameOver(lay) Ubuntu Privilege Escalation
Refrence: GitHub
musorblyat
Refrence: GitHub
SanjayRagavendar
Escalating Privilege using CVE-2023-2640 CVE-2023-3262
Refrence: GitHub
Nkipohcs
Refrence: GitHub
Content on GitHub
ThrynSec | watchers:104
CVE-2023-32629-CVE-2023-2640---POC-Escalation
Ubuntu Privilege Escalation bash one-liner using CVE-2023-32629 & CVE-2023-2640
Refrence: GitHub
k4but0 | watchers:2
Ubuntu-LPE
One-Liner CVE-2023-32629/CVE-2023-2640 Ubuntu Privilege Escalation
Refrence: GitHub
xS9NTX | watchers:0
CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC
CVE-2023-32629 & CVE-2023-2640 Ubuntu Privilege Escalation POC
Refrence: GitHub
druxter-x | watchers:0
PHP-CVE-2023-2023-2640-POC-Escalation
Refrence: GitHub
johnlettman | watchers:2
juju-scripts
Scripts for operations in Juju
Refrence: GitHub