HIGH SEVERITY
CVE-2023-0386 Linux · Kernel

Linux Kernel Improper Ownership Management Vulnerability

Technical Severity

CVSS v3.1 Metrics

HIGH
7.8 / 10
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation Likelihood

EPSS Prediction

59.84%
Predictive Probability
Percentile Rank
98.2th

Documented as more likely to be exploited than 98.2% of known CVEs.

Detection Date

Jun 17, 2025

Remediation Due

Jul 08, 2025

CISA Catalog Active

Threat Analysis

The Linux kernel contains an improper ownership management vulnerability in its OverlayFS subsystem: when a user copies a setuid file carrying file capabilities from a nosuid mount into another mount, the kernel's uid mapping handling allows that file to be executed with its capabilities intact. This uid mapping bug lets a local user escalate their privileges on the system.

Remediation Directive

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

External Intelligence