{"uuid": "e83ef863-6955-433c-a05c-7c114d02c6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4622", "type": "seen", "source": "https://t.me/arpsyndicate/4837", "content": "#ExploitObserverAlert\n\nCVE-2023-4622\n\nDESCRIPTION: Exploit Observer has 186 entries in 6 file formats related to CVE-2023-4622. A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation.  The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.  We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.0\nARPS-PRIORITY: 0.9517538", "creation_timestamp": "2024-04-24T22:51:39.000000Z"}