UAF in ALSA PCM (SNDRV_CTL_IOCTL_ELEM) allows root escalation
CVE-2023-0266 Published on January 30, 2023
Use after free in SNDRV_CTL_IOCTL_ELEM in Linux Kernel
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
Known Exploited Vulnerability
This Linux Kernel Use-After-Free Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.
The following remediation steps are recommended / required by April 20, 2023: Apply updates per vendor instructions.
Vulnerability Analysis
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2023-0266 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2023-0266
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-0266 are published in these products:
Affected Versions
Linux Kernel:- Version 4.14 and below 56b88b50565cd8b946a2d00b0c83927b7ebb055e is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.