CVE-2023-2163: Incorrect Calculation in Kernel

CWE-682: Incorrect Calculation (29 documents, 10 sources)

Severity
NVD: 8.8 HIGH
OSV: 6.8, OSV: 6.5, OSV: 5.5, OSV: 4.7, VulnCheck: 10.0

EPSS: 0.2% (top 56.64%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Sep 20
Latest update: Oct 13

Description

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Exploitability: 2.0 | Impact: 6.0

Affected Packages (7 packages)

CVEListV5: linux/linux_kernel < 71b547f561247897a0a14f3082730156c0533fed
NVD: linux/linux_kernel 5.35.4.242+4
Debian: linux/linux_kernel < 5.10.179-1+3
Ubuntu: linux/linux_kernel < 5.4.0-162.179+1

Patches

🔴 Vulnerability Details (12)

OSV: linux-bluefield vulnerabilities (2023-09-26)
OSV: CVE-2023-2163: Incorrect verifier pruning in BPF in Linux Kernel >=5 (2023-09-20)
OSV: linux-oem-6.0 vulnerabilities (2023-09-19)
OSV: linux-ibm, linux-ibm-5.4 vulnerabilities (2023-09-11)
OSV: linux-azure-5.4, linux-gcp-5.4, linux-gkeop, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities (2023-09-08)

📋 Vendor Advisories (14)

Chrome: Long Term Support Channel Update for ChromeOS: CVE-2023-2163 (2023-10-06)
Ubuntu: Linux kernel (BlueField) vulnerabilities (2023-09-26)
Ubuntu: Linux kernel (OEM) vulnerabilities (2023-09-19)
Microsoft: Incorrect Verifier Branch Pruning Logic Leads To Arbitrary Read/Write In Linux Kernel and Lateral Privilege Escalation (2023-09-12)
Ubuntu: Linux kernel (IBM) vulnerabilities (2023-09-11)

📄 Research Papers (1)

arXiv: Agora: Trust Less and Open More in Verification for Confidential Computing (2025-10-13)

💬 Community (1)

Bugzilla: CVE-2023-2163 kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe (2023-09-22)