{"id":155736,"date":"2023-01-18T04:29:14","date_gmt":"2023-01-18T10:29:14","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/01\/a-new-privilege-escalation-vulnerability-in-the-linux-kernel-enables-a-local-attacker-to-execute-malware-on-vulnerable-systems"},"modified":"2023-01-18T04:29:14","modified_gmt":"2023-01-18T10:29:14","slug":"a-new-privilege-escalation-vulnerability-in-the-linux-kernel-enables-a-local-attacker-to-execute-malware-on-vulnerable-systems","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/01\/a-new-privilege-escalation-vulnerability-in-the-linux-kernel-enables-a-local-attacker-to-execute-malware-on-vulnerable-systems","title":{"rendered":"A new privilege escalation vulnerability in the Linux kernel, enables a local attacker to execute malware on vulnerable systems"},"content":{"rendered":"<p><\/p>\n<p><iframe style=\"display: block; margin: 0 auto; width: 100%; aspect-ratio: 4\/3; object-fit: contain;\" src=\"https:\/\/www.youtube.com\/embed\/-plvKXjb_CY?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope;\n   picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<p>A new privilege escalation vulnerability has been identified in the Linux kernel by <a href=\"https:\/\/seclists.org\/oss-sec\/2023\/q1\/20\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">researcher<\/a> Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the tracking number CVE-2023\u20130179, is a stack-based buffer overflow that exists in the Netfilter subsystem. An authorized attacker might exploit this issue to get elevated privileges as root if the attacker executed a program that had been carefully written for the purpose.<\/p>\n<p>The Linux kernel has a framework known as netfilter that enables a variety of networking-related actions to be performed in the form of individualized handlers. This may be accomplished by filtering incoming network packets. Netfilter provides the functionality necessary for directing packets through a network and preventing packets from reaching sensitive locations within a network by offering a variety of functions and operations for packet filtering, network address translation, and port translation. [1] These features allow Netfilter to provide the functionality required for directing packets through a network.<\/p>\n<p>\u201cThe vulnerability consists of a stack buffer overflow caused by an integer underflow vulnerability within the nft payload copy vlan function,\u201d which is triggered with nft payload expressions \u201cas long as a VLAN tag is present in the current skb,\u201d according to the description of the flaw.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new privilege escalation vulnerability has been identified in the Linux kernel by researcher Davide Ornaghi. This vulnerability might enable a local attacker to execute code on vulnerable computers with elevated rights if the kernel is installed on those systems. Additionally, Davide published the proof-of-concept and the write-up. The vulnerability, which has been assigned the [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-155736","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/155736","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=155736"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/155736\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=155736"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=155736"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=155736"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}