{"vulnerability": "CVE-2023-0461", "sightings": [{"uuid": "9f3fbf82-9d10-4ac9-b9ef-8a094a19c3a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "seen", "source": "https://u1f383.github.io/linux/2025/01/08/two-network-related-vulnerabilities-analysis.html", "content": "", "creation_timestamp": "2025-01-07T23:00:00.000000Z"}, {"uuid": "e182ef6d-b28b-4763-aa14-4754b82c874f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lfakrxro2x22", "content": "", "creation_timestamp": "2025-01-08T16:16:42.278260Z"}, {"uuid": "a7618c19-56a2-444e-8294-b3ef1866f589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "seen", "source": "https://t.me/arpsyndicate/124", "content": "#ExploitObserverAlert\n\nCVE-2023-0461\n\nDESCRIPTION: Exploit Observer has 22 entries related to CVE-2023-0461. There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS\u00a0or CONFIG_XFRM_ESPINTCP\u00a0has to be configured, but the operation does not require any privilege.\n\nThere is a use-after-free bug of icsk_ulp_data\u00a0of a struct inet_connection_sock.\n\nWhen CONFIG_TLS\u00a0is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable.\n\nThe setsockopt\u00a0TCP_ULP\u00a0operation does not require any privilege.\n\nWe recommend upgrading past commit\u00a02c02d41d71f90a5168391b6a5f2954112ba2307c\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-12T18:00:26.000000Z"}, {"uuid": "c09b49d8-d84b-4ffa-b4ac-1ee43886cdcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "published-proof-of-concept", "source": "https://t.me/ZeroDay_ru/372", "content": "#exploit\n1. CVE-2023-6932, CVE-2023-0461:\nUaF/LPE in Linux kernel\nhttps://u1f383.github.io/linux/2025/01/08/two-network-related-vulnerabilities-analysis.html\n\n2. CVE-2024-53141:\nAn OOB Write Vulnerability in Netfiler Ipset\nhttps://u1f383.github.io/linux/2025/01/07/cve-2024-53141-an-oob-write-vulnerability-in-netfilter-ipset.html", "creation_timestamp": "2025-01-09T09:23:10.000000Z"}, {"uuid": "e5028542-6be3-4930-8b01-084b5f3f3acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3815", "content": "#exploit\n1. CVE-2023-0461:\nLinux Kernel privilege escalation\nhttps://github.com/google/security-research/tree/master/pocs/linux/kernelctf/CVE-2023-0461_mitigation/docs\n\n2. Apache ActiveMQ RCE\nhttps://y4er.com/posts/apache-activemq-rce\n\n3. CVE-2024-21633:\nMobSF RCE\nhttps://github.com/0x33c0unt/CVE-2024-21633", "creation_timestamp": "2024-01-08T10:32:17.000000Z"}, {"uuid": "c035e49c-48ac-42ba-8df7-3dca3dc49db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11659", "content": "#exploit\n1. CVE-2023-6932, CVE-2023-0461:\nUaF/LPE in Linux kernel\nhttps://u1f383.github.io/linux/2025/01/08/two-network-related-vulnerabilities-analysis.html\n\n2. CVE-2024-53141:\nAn OOB Write Vulnerability in Netfiler Ipset\nhttps://u1f383.github.io/linux/2025/01/07/cve-2024-53141-an-oob-write-vulnerability-in-netfilter-ipset.html\n\n3. CVE-2024-50603:\nAviatrix Network Controller Command Injection Vulnerability\nhttps://www.securing.pl/en/cve-2024-50603-aviatrix-network-controller-command-injection-vulnerability", "creation_timestamp": "2025-01-27T13:58:34.000000Z"}, {"uuid": "656afa67-6814-47c6-a324-3e116dcbb919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "seen", "source": "https://t.me/cibsecurity/59107", "content": "\u203c CVE-2023-0461 \u203c\n\nThere is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-28T18:27:48.000000Z"}, {"uuid": "5f419835-9feb-49b3-9748-3f44a1f3dc97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9750", "content": "#exploit\n1. CVE-2023-0461:\nLinux Kernel privilege escalation\nhttps://github.com/google/security-research/tree/master/pocs/linux/kernelctf/CVE-2023-0461_mitigation/docs\n\n2. Apache ActiveMQ RCE\nhttps://y4er.com/posts/apache-activemq-rce\n\n3. CVE-2024-21633:\nMobSF RCE\nhttps://github.com/0x33c0unt/CVE-2024-21633", "creation_timestamp": "2024-01-08T20:40:06.000000Z"}, {"uuid": "32d4021e-cee6-40f6-9192-b9adb3ed1634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0461", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2447", "content": "#exploit\n1. CVE-2023-0461:\nLinux Kernel privilege escalation\nhttps://github.com/google/security-research/tree/master/pocs/linux/kernelctf/CVE-2023-0461_mitigation/docs\n\n2. Apache ActiveMQ RCE\nhttps://y4er.com/posts/apache-activemq-rce\n\n3. CVE-2024-21633:\nMobSF RCE\nhttps://github.com/0x33c0unt/CVE-2024-21633", "creation_timestamp": "2024-08-16T09:01:19.000000Z"}]}