CVE-2023-2008

HIGH

Linux Kernel < 5.19 - Privilege Escalation via udmabuf Fault Handler Array Index Validation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-2008. PoCs published by bluefrostsecurity.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for CVE-2023-2008, targeting a heap overflow vulnerability in the Linux kernel's udmabuf driver. It leverages heap spraying and memory manipulation to achieve local privilege escalation by modifying the /etc/passwd file.

Description

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.

Exploits (1)

nomisec WORKING POC 40 stars
by bluefrostsecurity · poc
https://github.com/bluefrostsecurity/CVE-2023-2008

This is a functional proof-of-concept exploit for CVE-2023-2008, targeting a heap overflow vulnerability in the Linux kernel's udmabuf driver. It leverages heap spraying and memory manipulation to achieve local privilege escalation by modifying the /etc/passwd file.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux kernel < 5.19-rc4
Auth required
Prerequisites: Access to /dev/udmabuf (requires membership in the 'kvm' group) · Linux kernel version < 5.19-rc4
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 7.8
EPSS 0.0101
EPSS Percentile 58.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-129
Status published
Products (2)
linux/linux_kernel 5.19 (4 CPE variants)
linux/linux_kernel < 5.19
Published Apr 14, 2023
Tracked Since Feb 18, 2026