Known Exploited Vulnerabilities CVE-2023-0386

The Linux kernel contains an improper ownership management vulnerability in the OverlayFS subsystem: when a user copies a capable file from a nosuid mount into another mount, unauthorized execution of a setuid file with capabilities becomes possible. This uid mapping bug allows a local user to escalate their privileges on the system.

Mappings

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-0386 | Linux Kernel Improper Ownership Management Vulnerability | exploitation_technique | T1055.012 | Process Hollowing | |
| CVE-2023-0386 | Linux Kernel Improper Ownership Management Vulnerability | exploitation_technique | T1548.001 | Setuid and Setgid | |
| CVE-2023-0386 | Linux Kernel Improper Ownership Management Vulnerability | primary_impact | T1543 | Create or Modify System Process | |
| CVE-2023-0386 | Linux Kernel Improper Ownership Management Vulnerability | secondary_impact | T1562 | Impair Defenses | |

Comments (same for all four mappings)
Linux kernel's OverlayFS contains a privilege escalation vulnerability that allows a local user with no privileges to obtain root-level privileges.