CVE-2023-46813

HIGH

Linux kernel <6.5.9 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-46813. PoCs published by Freax13.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2023-46813, targeting a vulnerability in SEV-SNP VMs. The exploit leverages MMIO memory manipulation to escalate privileges by swapping task credentials with those of the init process.

Description

An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it.

Exploits (1)

nomisec WORKING POC 8 stars
by Freax13 · poc
https://github.com/Freax13/cve-2023-46813-poc

This repository contains a functional exploit for CVE-2023-46813, targeting a vulnerability in SEV-SNP VMs. The exploit leverages MMIO memory manipulation to escalate privileges by swapping task credentials with those of the init process.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Linux kernel with SEV-SNP VMs
No auth needed
Prerequisites: SEV-SNP VM environment · QEMU with specific patches applied · Access to the target VM
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6

Scores

CVSS v3 7.0
EPSS 0.0069
EPSS Percentile 48.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

Status published
Products (1)
linux/linux_kernel < 6.5.9
Published Oct 27, 2023
Tracked Since Feb 18, 2026