{"vulnerability": "CVE-2023-2612", "sightings": [{"uuid": "76857892-3eda-4de7-847c-905b7780137b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2612", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1173", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2612\n\ud83d\udd39 Description: Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).\n\ud83d\udccf Published: 2023-05-30T23:12:29.867Z\n\ud83d\udccf Modified: 2025-01-10T16:48:03.535Z\n\ud83d\udd17 References:\n1. https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\n2. https://ubuntu.com/security/CVE-2023-2612\n3. https://ubuntu.com/security/notices/USN-6122-1\n4. https://ubuntu.com/security/notices/USN-6123-1\n5. https://ubuntu.com/security/notices/USN-6124-1\n6. https://ubuntu.com/security/notices/USN-6127-1\n7. http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html", "creation_timestamp": "2025-01-10T17:03:53.000000Z"}, {"uuid": "d16e9d59-1b43-4b58-b2a4-0cb9062a4d52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2612", "type": "seen", "source": "https://t.me/arpsyndicate/898", "content": "#ExploitObserverAlert\n\nCVE-2023-2612\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2612. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 3.6\nNVD-ES: 1.0", "creation_timestamp": "2023-12-03T00:00:57.000000Z"}, {"uuid": "cb306b16-8fbc-49ea-811e-0dd942e60128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26121", "type": "seen", "source": "Telegram/A4AP3KAlduIca4fj5XKEyppcD_0yDv4Ml-zqGbJLEmZ5meRf", "content": "", "creation_timestamp": "2025-02-14T09:47:01.000000Z"}, {"uuid": "73a6e0e3-e842-46df-ae38-20e2d0be6024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26129", "type": "seen", "source": "https://t.me/cibsecurity/64739", "content": "\u203c CVE-2023-26129 \u203c\n\nAll versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:**To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-27T19:32:32.000000Z"}, {"uuid": "7fca3e1d-64a7-427b-9a59-1faec554e228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26125", "type": "seen", "source": "https://t.me/cibsecurity/63279", "content": "\u203c CVE-2023-26125 \u203c\n\nVersions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning.**Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T12:42:07.000000Z"}, {"uuid": "3319e6e6-367d-4a07-ab44-8914c23ed98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2612", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9772", "content": "#Threat_Research\n\"Ubuntu Shiftfs: Unbalanced Unlock Exploitation Attempt (CVE-2023-2612)\",  2023.", "creation_timestamp": "2024-01-12T16:15:15.000000Z"}, {"uuid": "affc5efe-80bb-4f5a-acc2-9e280bf0e6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2612", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2507", "content": "#Threat_Research\n\"Ubuntu Shiftfs: Unbalanced Unlock Exploitation Attempt (CVE-2023-2612)\",  2023.", "creation_timestamp": "2024-08-16T09:01:27.000000Z"}, {"uuid": "d0375cdb-247f-4592-b8e8-219c5933fba8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26120", "type": "seen", "source": "https://t.me/cibsecurity/61739", "content": "\u203c CVE-2023-26120 \u203c\n\nThis affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T12:22:29.000000Z"}]}