A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU) race condition. When a particular process flow is initiated, an attacker can exploit this condition to gain unauthorized elevated privileges on the affected system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published: 2023-10-25T00:24:34.090Z
Updated: 2024-08-02T17:30:13.558Z
Reserved: 2023-07-12T01:00:11.881Z
Link: CVE-2023-38041
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-10-25T18:17:28.757
Modified: 2024-11-21T08:12:43.760
Link: CVE-2023-38041
Redhat
No data.