CVE-2024-0584
Publication date 16 January 2024
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
** REJECT ** Do not use this CVE as it is duplicate of CVE-2023-6932
Read the notes from the security team
Why is this CVE high priority?
By using unprivileged user namespaces, this can be exploited to achieve local privilege escalation.
Mitigation
If not needed, disable the ability for unprivileged users to create namespaces. To do this temporarily, do: sudo sysctl -w kernel.unprivileged_userns_clone=0 To disable across reboots, do: echo kernel.unprivileged_userns_clone=0 | \ sudo tee /etc/sysctl.d/99-disable-unpriv-userns.conf
Notes
Severity score breakdown
Parameter | Value |
---|---|
Base score | 5.5 · Medium |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |