Rewterz Threat Alert – AsyncRAT – Active IOCs

January 17, 2023

Rewterz Threat Advisory – Multiple Apache Superset Vulnerabilities

January 17, 2023

Rewterz Threat Advisory – Multiple Linux Kernel Vulnerabilities

January 17, 2023

Severity

High

Analysis Summary

CVE-2023-0122 CVSS:7.5

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the nvmet_setup_auth function in drivers/nvme/target/auth.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2023-0179 CVSS:7.8

Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a stack-based buffer overflow in the Netfilter subsystem. By executing a specially-crafted program, an authenticated attacker could exploit this vulnerability to gain elevated privileges as root.

CVE-2023-23559 CVSS:9.8

Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the rndis_query_oid function in drivers/net/wireless/rndis_wlan.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-23455 CVSS:6.2

Linux Kernel is vulnerable to a denial of service, caused by a type confusion flaw in the atm_tc_enqueue function in net/sched/sch_atm.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2023-23454 CVSS:6.2

Linux Kernel is vulnerable to a denial of service, caused by a slab-out-of-bounds read flaw in the cbq_classify function in net/sched/sch_cbq.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2022-4842 CVSS:5.5

Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the attr_punch_hole() function in the NTFS3 driver. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause system to crash.

Impact

Denial of Service
Privilege Escalation
Integer Overflow

Indicators Of Compromise

CVE

CVE-2023-0122
CVE-2023-0179
CVE-2023-23559
CVE-2023-23455
CVE-2023-23454
CVE-2022-4842

Affected Vendors

Linux

Affected Products

Linux Kernel 6.0-rc2
Linux Kernel 6.0-rc1
Linux Kernel 6.0-rc3
Linux Kernel 6.2-rc1
Linux Kernel
Linux Kernel 6.1.4

Remediation

Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – AsyncRAT – Active IOCs

Rewterz Threat Advisory – Multiple Apache Superset Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.