CVE-2023-0266
Linux Kernel Use-After-Free Vulnerability
CVSS
—
No CVSS
EPSS
3.7%
p89
KEV
YES
Mar 30, 2023
Exploit Today
77
0-100
Published: — · Last modified: —
3.7%EPSS · 30 days3.7%
2026-06-302026-07-17
Product
Linux / Kernel
Vulnerability
Linux Kernel Use-After-Free Vulnerability
Added to KEV
Mar 30, 2023
Remediate by
Apr 20, 2023
Known ransomware use
No
Summary description
Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user.
Required action
Apply updates per vendor instructions.
Notes
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-5.10/alsa-pcm-move-rwsem-lock-inside-snd_ctl_elem_read-to-prevent-uaf.patch?id=72783cf35e6c55bca84c4bb7b776c58152856fd4; https://nvd.nist.gov/vuln/detail/CVE-2023-0266
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-314317.8 HIG99.9%
KEV—80Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability3dCVE-2022-0847—99.8%
KEV—80Linux Kernel Privilege Escalation Vulnerability—CVE-2016-5195—99.7%
KEV—80Linux Kernel Race Condition Vulnerability—CVE-2021-22555—99.5%
KEV—80Linux Kernel Heap Out-of-Bounds Write Vulnerability—CVE-2019-13272—98.8%
KEV—80Linux Kernel Improper Privilege Management Vulnerability—CVE-2013-2094—98.7%
KEV—80Linux Kernel Privilege Escalation Vulnerability—