CVE-2023-2235

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-2235
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-2235.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-2235
Downstream
Related
Published
2023-05-01T12:51:25.433Z
Modified
2026-05-08T04:51:45.702725Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Use-after-free in Linux kernel's Performance Events subsystem
Details

A use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.

The perfgroupdetach function did not check the event's siblings' attachstate before calling addeventtogroups(), but removeonexec made it possible to call listdelevent() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.

We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.

Database specific 
{
    "cwe_ids": [
        "CWE-416"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/2xxx/CVE-2023-2235.json",
    "cna_assigner": "Google"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
62fb9874f5da54fdb243003b386128037319b219
Fixed
457391b0380335d5e9a5babdec90ac53928b23b4
Database specific 
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "5.13"
        },
        {
            "fixed": "6.3"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-2235.json"