ZDI 2026-03-30

ZDI-26-238: Linux Kernel AoE Driver Use-After-Free Local Privilege Escalation Vulnerability

CVE-2023-6270

Machine-generated analysis · WAYSCloud LLM

The vulnerability is a use-after-free in the Linux Kernel AoE driver that can be exploited by local attackers to escalate privileges.

Context

The affected component is the Linux Kernel's AoE (ATA over Ethernet) driver. The advisory describes a use-after-free condition that leads to local privilege escalation. An attacker must already have the ability to execute low-privileged code on the system. The CVSS score is rated 7.8, indicating a medium to high severity impact.

Operator considerations

Check: Determine if the AoE driver is enabled in the kernel configuration or loaded on the system.

From Zero Day Initiative ↗

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-6270.

Read the full advisory on ZDI →