CVE-2023-5521

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-5521

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5521.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-5521

Published

2023-10-11T12:00:01.900Z

Modified

2026-04-12T09:09:24.825217Z

Severity

7.3 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Incorrect Authorization in tiann/kernelsu

Details

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9.

Database specific

{
    "cna_assigner": "@huntrdev",
    "cwe_ids": [
        "CWE-863"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/5xxx/CVE-2023-5521.json"
}

References

Affected packages

Git / github.com/tiann/kernelsu

Affected ranges

Type: GIT
Repo: https://github.com/tiann/kernelsu
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

88289399947e84ce59beb85e5c933d309e65f5ff

Affected versions

v0.*

v0.1.3

v0.3.0

v0.3.2

v0.3.3

v0.3.4

v0.3.5

v0.3.6

v0.3.7

v0.3.8

v0.3.9

v0.4.0

v0.4.1

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.5.4

v0.5.5

v0.5.6

v0.5.7

v0.6.0

v0.6.1

v0.6.2

v0.6.6

v0.6.7

v0.6.8

Database specific

vanir_signatures_modified

"2026-04-12T09:09:24Z"

vanir_signatures

[
    {
        "id": "CVE-2023-5521-35ecfb58",
        "target": {
            "file": "kernel/apk_sign.c",
            "function": "check_v2_signature"
        },
        "deprecated": false,
        "digest": {
            "function_hash": "290464786034135243134045424827011163000",
            "length": 1751.0
        },
        "signature_type": "Function",
        "source": "https://github.com/tiann/kernelsu/commit/88289399947e84ce59beb85e5c933d309e65f5ff",
        "signature_version": "v1"
    },
    {
        "id": "CVE-2023-5521-e2868037",
        "target": {
            "file": "kernel/apk_sign.c"
        },
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "49453303951151919183421106145426989225",
                "229353761985416377069229035588866801280",
                "136298574305077043361427929967379207460",
                "201295667095462645014389675004837968592",
                "24781579564782768434613692410224043840",
                "322904521239700828280935014769000116270",
                "205802361802978322806455942305138907599",
                "74137351315691516257621196582759135926",
                "154478214287090811252198049753301603782",
                "12230374078232645693275934095224128685",
                "123142303276090687320386991434593804516",
                "145954138687569319650876039008584205390",
                "329379990550521069549370640320298051396",
                "101549282993167135475697856594524148261",
                "88618885758516904615590021453594189524",
                "183310077219301183618827941021724113462",
                "9707943972938479715811334122926489479",
                "259033728757261226497416793934618115173",
                "289080267825967632791443056840278776123",
                "9097238682146220237292267382351851289",
                "248294674763762213391450755900240542254",
                "149904645336665993828500510379581561674",
                "118685567146143352382148360357489909522",
                "326956356297276123546022701806421329410",
                "296416102713761338325982604698011752593"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://github.com/tiann/kernelsu/commit/88289399947e84ce59beb85e5c933d309e65f5ff",
        "signature_version": "v1"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5521.json"