{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T21:15:46.711","vulnerabilities":[{"cve":{"id":"CVE-2023-5717","sourceIdentifier":"cve-coordination@google.com","published":"2023-10-25T18:17:43.913","lastModified":"2025-02-13T18:15:59.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve local privilege escalation.\n\nIf perf_read_group() is called while an event's sibling_list is smaller than its child's sibling_list, it can increment or write to memory locations outside of the allocated buffer.\n\nWe recommend upgrading past commit 32671e3799ca2e4590773fd0e63aaa4229e50c06."},{"lang":"es","value":"Se puede aprovechar una vulnerabilidad de escritura fuera de límites del montón en el componente Linux Kernel Performance Events (perf) del kernel de Linux para lograr una escalada de privilegios local. Si se llama a perf_read_group() mientras la lista de hermanos de un evento es más pequeña que la lista de hermanos de su hijo, puede incrementar o escribir en ubicaciones de memoria fuera del búfer asignado. Recomendamos actualizar después del commit 32671e3799ca2e4590773fd0e63aaa4229e50c06."}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@google.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"cve-coordination@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.95","versionEndExcluding":"3.3","matchCriteriaId":"D0791B33-98B2-4081-91D6-F6E6C6342088"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.16.50","versionEndExcluding":"3.17","matchCriteriaId":"04CF39E5-B417-4D51-8790-B5A3C24CF085"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4","versionEndExcluding":"4.14.328","matchCriteriaId":"9C31A02B-0175-4A49-8B2A-63D1F07114C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.297","matchCriteriaId":"02978144-891F-40EF-83B8-59063740AEF6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.259","matchCriteriaId":"E9F46843-24C9-4AC7-B6BB-1EF101D05435"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.199","matchCriteriaId":"8D886A8D-A6CD-44FA-ACF5-DD260ECA7A1B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.137","matchCriteriaId":"ED031B8B-BFA9-4475-A6D1-1419BDE46E7D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.60","matchCriteriaId":"E8DBCAF5-D3B4-4DBB-A86B-26B0A6F7B805"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.5.9","matchCriteriaId":"7530F3AE-8FCB-4E55-B216-62CE4E1CEDA3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*","matchCriteriaId":"84267A4F-DBC2-444F-B41D-69E15E1BEC97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*","matchCriteriaId":"FB440208-241C-4246-9A83-C1715C0DAA6C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*","matchCriteriaId":"0DC421F1-3D5A-4BEF-BF76-4E468985D20B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*","matchCriteriaId":"00AB783B-BE05-40E8-9A55-6AA457D95031"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*","matchCriteriaId":"E7C78D0A-C4A2-4D41-B726-8979E33AD0F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*","matchCriteriaId":"E114E9DD-F7E1-40CC-AAD5-F14E586CB2E6"}]}]}],"references":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/events?id=32671e3799ca2e4590773fd0e63aaa4229e50c06","source":"cve-coordination@google.com","tags":["Mailing List","Patch"]},{"url":"https://kernel.dance/32671e3799ca2e4590773fd0e63aaa4229e50c06","source":"cve-coordination@google.com","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","source":"cve-coordination@google.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","source":"cve-coordination@google.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/events?id=32671e3799ca2e4590773fd0e63aaa4229e50c06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://kernel.dance/32671e3799ca2e4590773fd0e63aaa4229e50c06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}