{"vulnerability": "CVE-2023-3269", "sightings": [{"uuid": "176fddad-1773-4d3f-b9e6-de3883e9a962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://u1f383.github.io/linux/2025/01/12/memory-related-cves-exploited-in-kernelctf.html", "content": "", "creation_timestamp": "2025-01-11T23:00:00.000000Z"}, {"uuid": "9e3221a5-f6b4-4f57-a550-d91de7e15b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32697", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrsq2h4ps2m", "content": "", "creation_timestamp": "2025-08-19T21:02:31.192774Z"}, {"uuid": "ae590e9a-9bcd-4405-9c52-d1d3800830e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32699", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1170", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32699\n\ud83d\udd39 Description: MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. \u200bThe `checkUserPassword` method is used to check whether the password provided by the user matches the password saved in the database, and the `CodingUtil.md5` method is used to encrypt the original password with MD5 to ensure that the password will not be saved in plain text when it is stored. If a user submits a very long password when logging in, the system will be forced to execute the long password MD5 encryption process, causing the server CPU and memory to be exhausted, thereby causing a denial of service attack on the server. This issue is fixed in version 2.10.0-lts with a maximum password length.\n\ud83d\udccf Published: 2023-05-30T18:59:26.174Z\n\ud83d\udccf Modified: 2025-01-10T16:51:37.440Z\n\ud83d\udd17 References:\n1. https://github.com/metersphere/metersphere/security/advisories/GHSA-qffq-8gf8-mhq7\n2. https://github.com/metersphere/metersphere/commit/c59e381d368990214813085a1a4877c5ef865411", "creation_timestamp": "2025-01-10T17:03:44.000000Z"}, {"uuid": "14ef3f17-d55a-44f3-a8c4-43dbba95e057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4687", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-3269: Linux kernel privilege escalation vulnerability\nURL\uff1ahttps://github.com/lrh2000/StackRot\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-05T12:39:14.000000Z"}, {"uuid": "fd96107a-abe1-40dd-919e-3fec5669c7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32691", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32691\n\ud83d\udd39 Description: gost (GO Simple Tunnel) is a simple tunnel written in golang. Sensitive secrets such as passwords, token and API keys should be compared only using a constant-time comparison function. Untrusted input, sourced from a HTTP header, is compared directly with a secret. Since this comparison is not secure, an attacker can mount a side-channel timing attack to guess the password. As a workaround, this can be easily fixed using a constant time comparing function such as `crypto/subtle`'s `ConstantTimeCompare`. \n\n\ud83d\udccf Published: 2023-05-30T03:06:06.080Z\n\ud83d\udccf Modified: 2025-01-10T20:45:20.000Z\n\ud83d\udd17 References:\n1. https://github.com/ginuerzh/gost/security/advisories/GHSA-qjrq-hm79-49ww\n2. https://github.com/ginuerzh/gost/blob/1c62376e0880e4094bd3731e06bd4f7842638f6a/auth.go#L46", "creation_timestamp": "2025-01-10T21:04:06.000000Z"}, {"uuid": "72e9a8f8-41be-4efa-a87d-998aee8f5828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/353", "content": "Top Security News for 06/07/2023\n\nISC Stormcast For Thursday, July 6th, 2023 https://isc.sans.edu/podcastdetail/8560, (Thu, Jul 6th)\nhttps://isc.sans.edu/diary/rss/30004 \n\nFour Must-haves to Strengthen Your Endpoint Security\nhttps://malware.news/t/four-must-haves-to-strengthen-your-endpoint-security/71106#post_1 \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/05-07-2023 \n\nChinese cyberespionage described. SEO poisoning. Html smuggling. DDoS alert in the US. Hacktivist auxiliary in Russia's hybrid war.\nhttps://thecyberwire.com/newsletters/daily-briefing/12/126 \n\nActively Exploited ICS Hardware: SolarView Series\nhttps://www.reddit.com/r/netsec/comments/14r5ki9/actively_exploited_ics_hardware_solarview_series/ \n\nMicrosoft refutes Anonymous Sudan's massive data breach claims\nhttps://malware.news/t/microsoft-refutes-anonymous-sudans-massive-data-breach-claims/71102#post_1 \n\nRedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors\nhttps://thehackernews.com/2023/07/redenergy-stealer-as-ransomware-threat.html \n\nExtending Burp Suite for fun and profit - The Montoya way - Part 1\nhttps://www.reddit.com/r/netsec/comments/14r66m2/extending_burp_suite_for_fun_and_profit_the/ \n\nStackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability\nhttps://www.reddit.com/r/netsec/comments/14rcfi0/stackrot_cve20233269_linux_kernel_privilege/ \n\n0day RCE in open source browsergame\nhttps://0x00sec.org/t/0day-rce-in-open-source-browsergame/35895 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-07-06T07:00:05.000000Z"}, {"uuid": "a68eb390-43dd-4875-bfec-4487e6ed1a44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32694", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2028", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32694\n\ud83d\udd39 Description: Saleor Core is a composable, headless commerce API. Saleor's `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16.\n\ud83d\udccf Published: 2023-05-25T14:29:10.217Z\n\ud83d\udccf Modified: 2025-01-16T19:21:54.740Z\n\ud83d\udd17 References:\n1. https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f\n2. https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e", "creation_timestamp": "2025-01-16T19:56:12.000000Z"}, {"uuid": "f0e0ffae-fb9a-4987-9a4a-4176db34da03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/483", "content": "\u0427\u0442\u043e \u0442\u043e \u044f \u0441\u043e\u0432\u0441\u0435\u043c \u043f\u0440\u043e\u043f\u0443\u0441\u0442\u0438\u043b \u0432\u0443\u043b\u043d\u0443 \u0432 \u044f\u0434\u0440\u0435 \u043b\u0438\u043d\u0443\u0445\u0430 StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability \nhttps://github.com/lrh2000/StackRot/tree/master/exp", "creation_timestamp": "2023-08-08T01:36:02.000000Z"}, {"uuid": "ab67904f-a6b9-48ce-8781-b5861b73c2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/219", "content": "StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability\n\nAn article by Ruihan Li about exploiting StackRot \u2014 a locking bug in the virtual memory management subsystem that leads to a UAF-by-RCU vulnerability.\n\nThe author also shared an exploit that acquires root privileges in the Google kCTF challenge.", "creation_timestamp": "2023-08-06T02:38:11.000000Z"}, {"uuid": "ffd6f2e6-2909-4bba-baff-12d0b2102bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/523", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25exploitation write-up  & exploit code of StackRot (CVE-2023-3269) now available(Github repo)!", "creation_timestamp": "2024-04-26T21:56:54.000000Z"}, {"uuid": "b0759c48-972d-443d-b273-00f53ee38963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/ctinow/122453", "content": "https://ift.tt/Jxf3X6L\nWhat You Need to Know About StackRot \u2013 CVE-2023-3269", "creation_timestamp": "2023-07-07T18:17:51.000000Z"}, {"uuid": "02470228-8d86-42ed-b8ab-2d39d37e03ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3119", "content": "25 Tools \ud83d\udd27 \ud83d\udd27 - Hackers Factory\n\nWinsocky\n\nWinsocket implementation for #CobaltStrike. Used to communicate with the victim using winsockets instead of the traditional ways.\n\nhttps://github.com/WKL-Sec/Winsocky\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUseful #OSINT hints and links\n\nhttps://github.com/seintpl/osint\n\n#cybersecurity #infosec\n\n\u200b\u200bPyrrha\n\nA tool for firmware cartography.\n\nhttps://github.com/quarkslab/pyrrha\n\n#cybersecurity #infosec\n\n\u200b\u200b\ud83d\udd79 apk.sh\n\napk.sh makes #reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.\n\nhttps://github.com/ax/apk.sh\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3269 \n\nLinux kernel privilege escalation vulnerability.\n\nhttps://github.com/lrh2000/StackRot\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bmmdb-server\n\nFast API server to lookup IP addresses for their geographic location.\n\nhttps://github.com/adulau/mmdb-server\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2868\n\nBarracuda ESG Command Injection\n\nhttps://github.com/cfielding-r7/poc-cve-2023-2868\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bDoge-COFFLdr\n\nIts a coff loader ported to go.\n\n\u2022 Ported to go\n\u2022 more opsec\n\u2022 support BeaconOutput\n\u2022 support other Beacon functions(todo)\n\nhttps://github.com/timwhitez/Doge-COFFLdr\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSR-IOV Network Metrics Exporter\n\nExporter that reads metrics for SR-IOV Virtual Functions and exposes them in the Prometheus format.\n\nhttps://github.com/k8snetworkplumbingwg/sriov-network-metrics-exporter\n\n#cybersecurity #infosec\n\n\u200b\u200bnf-tables-lpe\n\nExploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.\n\nhttps://github.com/kungfulon/nf-tables-lpe\n\n#cybersecurity #infosec\n\n\u200b\u200broute-detect\n\nFind authentication (authn) and authorization (authz) security bugs in web application routes.\n\nhttps://github.com/mschwager/route-detect\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bjava-gate\n\nJava JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders.\n\nhttps://github.com/4ra1n/java-gate\n\n#infosec #pentesting #redteam\n\nTakeMyRDP 2.0\n\nA keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.exe and CredentialUIBroker.exe) it operates in the background not as a console windows anymore and handles all messages in a hidden window.\n\nhttps://github.com/nocerainfosec/TakeMyRDP2.0\n\n#infosec #pentesting #redteam\n\nEvil QR\n\nProof-of-concept to demonstrate dynamic QR swap phishing attacks in practice.\n\nhttps://github.com/kgretzky/evilqr\n\n#cybersecurity #infosec\n\n\u200b\u200bDecrypt Chrome Passwords\n\nA simple program to decrypt chrome password saved on your machine. This code has only been tested on windows, so it may not work on other OS.\n\nhttps://github.com/ohyicong/decrypt-chrome-passwords\n\n#cybersecurity #infosec #redteam\n\n\u200b\u200bShortscan\n\nAn IIS short filename enumeration tool.\n\nhttps://github.com/bitquark/shortscan\n\n#cybersecurity #infosec\n\n\u200b\u200bFuzzyLogic.jl\n\nA Flexible Library for Efficient and Productive Fuzzy Inference\n \nhttps://github.com/lucaferranti/fuzzieee2023\n\n#cybersecurity #infosec\n\n\u200b\u200bDECREE\n\nThis is the code repository of the CVPR 2023 paper DECREE, \"Detecting Backdoors in Pre-trained Encoders\", the first backdoor detection method against self-supervising learning (SSL) backdoor attacks.\n\nhttps://github.com/GiantSeaweed/DECREE\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-36163\n\nCross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL.\n\nhttps://github.com/TraiLeR2/CVE-2023-36163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36167\n\nAn issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component\n\nhttps://github.com/TraiLeR2/CVE-2023-36167\n\n#cve #cybersecurity #infosec\n\n\u200b\u200b1/1", "creation_timestamp": "2023-07-27T07:52:46.000000Z"}, {"uuid": "9eae9dbe-c79a-4574-b0a6-89451ab0dd6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "Telegram/SKiXiUWW74i7wsrP1kljkrr_kCQX1DlRvCNbtmUqeBBpVg", "content": "", "creation_timestamp": "2023-07-06T15:36:07.000000Z"}, {"uuid": "e7e0d1a8-55f0-4fa3-bbd7-ad659c1f1d8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/KomunitiSiber/451", "content": "Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability\nhttps://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html\n\nDetails have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host.\nDubbed\u00a0StackRot\u00a0(CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.\n\"As StackRot is a Linux kernel vulnerability found in the memory", "creation_timestamp": "2023-07-06T15:09:01.000000Z"}, {"uuid": "ab4e182d-9bac-466e-bc71-54ce1b620ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3118", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory\n\nWinsocky\n\nWinsocket implementation for #CobaltStrike. Used to communicate with the victim using winsockets instead of the traditional ways.\n\nhttps://github.com/WKL-Sec/Winsocky\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUseful #OSINT hints and links\n\nhttps://github.com/seintpl/osint\n\n#cybersecurity #infosec\n\n\u200b\u200bPyrrha\n\nA tool for firmware cartography.\n\nhttps://github.com/quarkslab/pyrrha\n\n#cybersecurity #infosec\n\n\u200b\u200bapk.sh\n\napk.sh makes #reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.\n\nhttps://github.com/ax/apk.sh\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3269 \n\nLinux kernel privilege escalation vulnerability.\n\nhttps://github.com/lrh2000/StackRot\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bmmdb-server\n\nFast API server to lookup IP addresses for their geographic location.\n\nhttps://github.com/adulau/mmdb-server\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2868\n\nBarracuda ESG Command Injection\n\nhttps://github.com/cfielding-r7/poc-cve-2023-2868\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bDoge-COFFLdr\n\nIts a coff loader ported to go.\n\n\u2022 Ported to go\n\u2022 more opsec\n\u2022 support BeaconOutput\n\u2022 support other Beacon functions(todo)\n\nhttps://github.com/timwhitez/Doge-COFFLdr\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSR-IOV Network Metrics Exporter\n\nExporter that reads metrics for SR-IOV Virtual Functions and exposes them in the Prometheus format.\n\nhttps://github.com/k8snetworkplumbingwg/sriov-network-metrics-exporter\n\n#cybersecurity #infosec\n\n\u200b\u200bnf-tables-lpe\n\nExploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.\n\nhttps://github.com/kungfulon/nf-tables-lpe\n\n#cybersecurity #infosec\n\n\u200b\u200broute-detect\n\nFind authentication (authn) and authorization (authz) security bugs in web application routes.\n\nhttps://github.com/mschwager/route-detect\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bjava-gate\n\nJava JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders.\n\nhttps://github.com/4ra1n/java-gate\n\napk.sh makes reverse engineering Android apps easier, automating  some repetitive tasks like pulling, decoding, rebuilding and patching an  APK.\n\nhttps://github.com/ax/apk.sh\n\n#infosec \n\nStackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability\n\nhttps://github.com/lrh2000/StackRot\n\n#infosec #cybersecurity \n\nChecklist for investigating the provenance and ownership of websites.\n\nhttps://github.com/jonkeegan/behind-this-website\n\n#infosec \n\nA C# Command & Control framework\n\nhttps://github.com/DragoQCC/HardHatC2\n\n#infosec #cybersecurity \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-07T18:06:56.000000Z"}, {"uuid": "8ba25c68-b688-45cb-8108-b3df4d7e2986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/861", "content": "CVE-2023-3269 : Linux (StackRot) - kernel privilege escalation \nPOC : https://github.com/lrh2000/StackRot", "creation_timestamp": "2023-08-28T22:46:06.000000Z"}, {"uuid": "95f0b444-bc34-4f8f-8c92-e0e53c74c6ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/proxy_bar/1607", "content": "CVE-2023-3269\nStackRot Linux kernel privilege escalation vulnerability\n\u0416\u0434\u0435\u043c \u0436\u0434\u0435\u043c))\n\n#linux #lpe", "creation_timestamp": "2023-07-07T16:55:41.000000Z"}, {"uuid": "49d85728-c7d2-4d22-8c52-708b994f8269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "Telegram/YncpU425KaZuXYT_IFeHRl8BU3oOvBV6qsHpcVh2vMlYjLI", "content": "", "creation_timestamp": "2023-08-21T17:11:36.000000Z"}, {"uuid": "f002306a-bfd2-47d2-923c-54a7f9d305a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/true_secator/4584", "content": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Linux \u0441 6.1 \u043f\u043e 6.4, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-3269 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 StackRot.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0441 \u00ab\u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0441\u0438\u043b\u0438\u044f\u043c\u0438\u00bb. \n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0420\u0443\u0438\u0445\u0430\u043d\u0443 \u041b\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b \u043e \u0432\u043b\u0438\u044f\u043d\u0438\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430 \u043d\u0430 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u044f\u0434\u0440\u0430, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u043f\u043e\u0434\u043a\u0430\u0447\u043a\u0438 \u043f\u043e \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044e.\n\n\u041e\u0442\u0447\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c 15 \u0438\u044e\u043d\u044f, \u043f\u0430\u0442\u0447 \u0441\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0441 1 \u0438\u044e\u043b\u044f.\n\nStackRot \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 UAF \u0438 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u044f\u0434\u0440\u043e Linux \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 \u0432 \u0441\u0432\u043e\u0435\u0439 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043e\u0431\u043b\u0430\u0441\u0442\u044f\u043c\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 VMA.\n\n\u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u0441\u043b\u0430\u0431\u043e\u0435 \u043c\u0435\u0441\u0442\u043e - \u0432 maple tree, \u043d\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u043b\u044f VMA, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432 \u044f\u0434\u0440\u0435 Linux 6.1, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043c\u0435\u043d\u0438\u043b\u0430 red-black trees \u0438 \u043e\u043f\u0438\u0440\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c RCU.\n\n\u0420\u0443\u0438\u0445\u0430\u043d \u041b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f StackRot \u2014 \u0441\u043b\u043e\u0436\u043d\u0430\u044f \u0437\u0430\u0434\u0430\u0447\u0430. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, CVE-2023-3269 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0432\u044b\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u043c \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0438\u0433\u043e\u0434\u043d\u043e\u0439 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f RCU (UAFBR).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u044a\u044f\u0432\u0438\u043b \u043e \u043f\u043b\u0430\u043d\u0430\u0445 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e StackRot \u0438 PoC \u043a \u043a\u043e\u043d\u0446\u0443 \u0438\u044e\u043b\u044f.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u044f\u0434\u0440\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432 Linux, \u0438 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044e, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043d\u0435 \u0432\u043b\u0438\u044f\u0435\u0442 StackRot, \u043b\u0438\u0431\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0443\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435.", "creation_timestamp": "2023-07-06T11:55:35.000000Z"}, {"uuid": "371f7624-df05-4ec0-9d36-26def0556dc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "Telegram/J3EkFAVwDPLfZLLJCFIL9g2NAis74YRiMFgsPyg6siez0Yk", "content": "", "creation_timestamp": "2023-07-07T17:18:58.000000Z"}, {"uuid": "39d8d97f-97e9-4e61-b0e1-462ce2a192ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32698", "type": "seen", "source": "https://t.me/cibsecurity/64775", "content": "\u203c CVE-2023-32698 \u203c\n\nnFPM is an alternative to fpm. The file permissions on the checked-in files were not maintained. Hence, when nfpm packaged the files (without extra config for enforcing it\u00e2\u20ac\u2122s own permissions) files could go out with bad permissions (chmod 666 or 777). Anyone using nfpm for creating packages without checking/setting file permissions before packaging could result in bad permissions for files/folders.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-30T08:34:10.000000Z"}, {"uuid": "143475c5-5469-4aef-8c62-5bfa907e1f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/crackcodes/3817", "content": "CVE-2023-3269\nStackRot Linux kernel privilege escalation vulnerability\n\n\n#linux #lpe", "creation_timestamp": "2023-07-07T17:34:46.000000Z"}, {"uuid": "e218b62d-a300-4ff6-b176-39af19e61859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32697", "type": "seen", "source": "https://t.me/ctinow/181761", "content": "https://ift.tt/Jo3LwFD\nCVE-2023-32697 | Oracle SOA Suite 12.2.1.4.0 B2B Engine code injection", "creation_timestamp": "2024-02-09T02:16:42.000000Z"}, {"uuid": "79819ea3-4f6e-4bcc-8121-46f6e60f1de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32695", "type": "seen", "source": "https://t.me/cibsecurity/64741", "content": "\u203c CVE-2023-32695 \u203c\n\nsocket.io parser is a socket.io encoder and decoder written in JavaScript complying with version 5 of socket.io-protocol. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. A patch has been released in version 4.2.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-27T22:17:55.000000Z"}, {"uuid": "f8c137a0-c95d-4fc9-acf0-d1212710a7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32693", "type": "seen", "source": "https://t.me/cibsecurity/66424", "content": "\u203c CVE-2023-32693 \u203c\n\nDecidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The external link feature is susceptible to cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in versions 0.27.3 and 0.26.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T22:35:50.000000Z"}, {"uuid": "28df600b-e9ec-42a2-adb2-798cebfd7270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/information_security_channel/50217", "content": "StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs\nhttps://www.securityweek.com/stackrot-linux-kernel-vulnerability-shows-exploitability-of-uafbr-bugs/\n\nA new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs.\nThe post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs (https://www.securityweek.com/stackrot-linux-kernel-vulnerability-shows-exploitability-of-uafbr-bugs/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-06T15:58:50.000000Z"}, {"uuid": "2fcc7dfe-daa1-4ad6-99a9-5461c863450f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/835", "content": "https://github.com/lrh2000/StackRot\nCVE-2023-3269: Linux kernel privilege escalation vulnerability\n\nLinux\u5185\u6838\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\n#github #\u63d0\u6743", "creation_timestamp": "2023-09-19T10:25:52.000000Z"}, {"uuid": "be9e31b9-7b6a-4647-84ef-0a35acb0496c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/thehackernews/3564", "content": "New Linux kernel vulnerability uncovered \u2192 StackRot (CVE-2023-3269) opens doors to unauthorized elevated privileges.  \n \nDetails here: https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html", "creation_timestamp": "2023-07-06T12:58:58.000000Z"}, {"uuid": "12df0aeb-7d45-42d3-bac1-937f0d9ac020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11678", "content": "#Kernel_Security\n1. Ksmbd vulnerability research\n(CVE-2024-50283, CVE-2024-50285, CVE-2024-50286)\nhttps://blog.doyensec.com/2025/01/07/ksmbd-1.html\n2. Memory-related CVEs Exploited in kernelCTF (CVE-2023-3269, CVE-2024-50066)\nhttps://u1f383.github.io/linux/2025/01/12/memory-related-cves-exploited-in-kernelctf.html", "creation_timestamp": "2025-01-14T16:21:53.000000Z"}, {"uuid": "34e23697-ede5-4b80-92c7-ca34a44f7d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3269", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8627", "content": "#exploit\n1. rax30 patch diff analysis & nday exploit for zdi-23-496\nhttp://blog.coffinsec.com/nday/2023/05/12/rax30-patchdiff-nday-analysis.html\n\n2. CVE-2023-3269:\nLinux kernel privilege escalation vulnerability (StackRot)\nhttps://github.com/lrh2000/StackRot\n\n3. CVE-2023-2868:\nBarracuda ESG Command Injection\nhttps://github.com/cfielding-r7/poc-cve-2023-2868", "creation_timestamp": "2023-07-07T18:37:58.000000Z"}]}