PT-2023-4154 · Linux+10 · Linux Kernel+10

Alex

·

Publicado

2023-07-19

·

Atualizado

2024-09-13

·

CVE-2023-4004

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free flaw was found in the Linux kernel's netfilter, specifically in the way a user triggers the nft pipapo remove function with the element, without a NFT SET EXT KEY END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. The exploitation of this flaw may impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2023:5069
ALSA-2023:5091
ALSA-2023:5244
ALT-PU-2023-5060
ALT-PU-2023-5748
ALT-PU-2023-5787
ALT-PU-2023-7004
ALT-PU-2023-8472
ALT-PU-2024-4263
ALT-PU-2024-4843
AZL-27796
BDU:2023-04466
CESA-2023_5221
CESA-2023_5244
CESA-2023_5255
CVE-2023-4004
DLA-3623-1
DSA-5480-1
DSA-5492-1
LSN-0098-1
LSN-0099-1
MGASA-2023-0250
MGASA-2023-0251
OESA-2023-1492
OESA-2023-1493
OESA-2023-1496
OPENSUSE-SU-2023_3302-1
OPENSUSE-SU-2023_3311-1
OPENSUSE-SU-2023_3313-1
OPENSUSE-SU-2023_3318-1
OPENSUSE-SU-2023_3376-1
OPENSUSE-SU-2023_3377-1
OPENSUSE-SU-2023_4166-1
RHSA-2023:4961
RHSA-2023:4962
RHSA-2023:4967
RHSA-2023:5069
RHSA-2023:5091
RHSA-2023:5093
RHSA-2023:5221
RHSA-2023:5244
RHSA-2023:5255
RHSA-2023:5548
RHSA-2023:5627
RHSA-2023:7382
RHSA-2023:7389
RHSA-2023:7411
RHSA-2023:7417
RHSA-2023:7431
RHSA-2023:7434
RHSA-2023_5069
RHSA-2023_5091
RHSA-2023_5244
RHSA-2023_5255
RLSA-2023:5091
RLSA-2023:5244
RXSA-2023:5244
SUSE-SU-2023:3302-1
SUSE-SU-2023:3311-1
SUSE-SU-2023:3313-1
SUSE-SU-2023:3318-1
SUSE-SU-2023:3376-1
SUSE-SU-2023:3377-1
SUSE-SU-2023:4095-1
SUSE-SU-2023:4142-1
SUSE-SU-2023:4166-1
SUSE-SU-2023:4175-1
SUSE-SU-2023:4201-1
SUSE-SU-2023:4219-1
SUSE-SU-2023:4239-1
SUSE-SU-2023:4260-1
SUSE-SU-2023:4261-1
SUSE-SU-2023:4267-1
SUSE-SU-2023:4285-1
SUSE-SU-2023:4308-1
SUSE-SU-2023:4322-1
SUSE-SU-2023:4326-1
USN-6315-1
USN-6316-1
USN-6318-1
USN-6321-1
USN-6325-1
USN-6328-1
USN-6330-1
USN-6332-1
USN-6348-1
USN-6385-1
USN-6442-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu