stackrot

Vulnerability updated 6 months ago (2024-05-04T19:05:30.144Z)

Download STIX

Preview STIX

StackRot (CVE-2023-3269) is a significant Linux kernel privilege escalation vulnerability discovered by security researcher Ruihan Li in July 2023. The flaw, found in the memory management subsystem, affects almost all kernel configurations and impacts Linux versions 6.1 through 6.4. StackRot pertains to the Linux kernel's handling of stack expansion, a mechanism for automatically growing or expanding the stack memory of a running process. The vulnerability has been present in the Linux kernel since version 6.1 when the VMA tree structure was changed from red-black trees to maple trees. The exploit for StackRot is likely the first to successfully exploit a UAFBR bug, marking it as a unique and severe threat. This vulnerability allows attackers to escalate privileges on affected systems, creating potential for significant security breaches. Its CVSS score of 7.8 further emphasizes the critical nature of this flaw. Despite its severity, triggering the vulnerability requires minimal capabilities, making it even more concerning. Ruihan Li reported the vulnerability to Linux kernel developers on June 15, 2023, and some information regarding StackRot was made public shortly thereafter. A comprehensive write-up and complete exploit code are expected to be released publicly no later than the end of July 2023. The community anticipates these details to better understand the vulnerability and develop effective mitigation strategies.

Description last updated: 2024-05-04T18:29:03.082Z

What's your take? (Question 1 of 3)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Linux

Vulnerability

Exploit

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Vulnerabilities

To see the evidence that has resulted in these vulnerability associations, create a free account

Alias Description	Association Type	Votes
The vulnerability CVE-2023-3269 is associated with stackrot.	Unspecified	2

Source Document References

Information about the stackrot Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
CERT-EU	a year ago	Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability
CERT-EU	a year ago	StackRot Linux Kernel Bug Has Exploit Code on the Way
CERT-EU	a year ago	StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs
CERT-EU	a year ago	Kernel Linux: la nuova falla di StackRot - Cyber Security 360
CERT-EU	a year ago	StackRot: Linux Bug so bad Linus Dives Into Code to Fix It
CERT-EU	a year ago	Researchers Discovered a New Linux Kernel 'StackRot' Privilege Escalation Vulnerability - Slashdot
CERT-EU	a year ago	Researchers Discovered a New Linux Kernel 'StackRot' Privilege Escalation Vulnerability Discovered - Slashdot
CERT-EU	a year ago	Novel Linux kernel vulnerability exploitable for elevated privileges
CERT-EU	a year ago	This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach
CERT-EU	a year ago	StackRot: A New Linux Kernel Flaw Allows Privilege Escalation
CERT-EU	a year ago	StackRot - New Linux kernel Privilege Escalation Vulnerability
CERT-EU	a year ago	oss-sec: StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability
CERT-EU	a year ago	StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs \| Antivirus and Security news
Securityaffairs	a year ago	StackRot, a new Linux Kernel privilege escalation vulnerability
CERT-EU	a year ago	StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs \| IT Security News