CVE-2023-39191 (enterprise_linux, fedora, linux_kernel)

An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.

arbitrary code attacker code context cve dynamic ebpf fedora flaw found input input validation issue kernel linux linux kernel may privileges subsystem validation