CVE-2023-0386

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux...

Basic Information

CVE State: PUBLISHED
Reserved Date: January 18, 2023
Published Date: March 22, 2023
Last Updated: October 21, 2025
Vendor: n/a
Product: Kernel
Description: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
Tags

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Score: 48.67% (Percentile: 97.80%) as of 2026-05-31

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2026-06-01 13:30:39 UTC) Source
Proof of Concept Available: Yes (added 2023-05-05 03:02:13 UTC) Source

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a https://security.netapp.com/advisory/ntap-20230420-0004/ https://www.debian.org/security/2023/dsa-5402 https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Known Exploited Vulnerability Information

Source	Added Date
CVE	2026-06-01 10:33:20 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2023_0386_overlayfs_priv_esc.rb	2025-04-28 15:02:12 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

cve_2023_0386_overlayfs_priv_esc

Type: metasploit • Created: Unknown

Metasploit module for CVE-2023-0386

puckiestyle/CVE-2023-0386

Type: github • Created: 2023-12-23 11:01:55 UTC • Stars: 2

Fanxiaoyao66/CVE-2023-0386

Type: github • Created: 2023-06-28 07:49:52 UTC • Stars: 16

非常简单的CVE-2023-0386's exp and analysis.Use c and sh.

sxlmnwb/CVE-2023-0386

Type: github • Created: 2023-05-16 10:26:10 UTC • Stars: 40

Vulnerabilities Exploitation On Ubuntu 22.04

AiK1d/CVE-2023-0386

Type: github • Created: 2023-05-08 01:53:50 UTC • Stars: 4

CVE-2023-0386 EXP

chenaotian/CVE-2023-0386

Type: github • Created: 2023-05-06 06:07:23 UTC • Stars: 117

CVE-2023-0386 analysis and Exp

xkaneiki/CVE-2023-0386

Type: github • Created: 2023-05-05 03:02:13 UTC • Stars: 391

CVE-2023-0386在ubuntu22.04上的提权

Satheesh575555/linux-4.19.72_CVE-2023-0386

Type: github • Created: 2023-05-04 11:55:43 UTC • Stars: 4

veritas501/CVE-2023-0386

Type: github • Created: 2023-04-20 08:51:20 UTC • Stars: 10

Timeline

CVE ID Reserved

January 18, 2023
CVE Published to Public

March 22, 2023
Proof of Concept Exploit Available

May 05, 2023
Detected by Metasploit

April 28, 2025
Added to KEVIntel

June 01, 2026