PT-2023-4322 · Linux+7 · Linux Kernel+7

Kevin Rich

·

Publicado

2023-07-23

·

Atualizado

2025-01-09

·

CVE-2023-4147

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A use-after-free flaw was found in the Linux kernel's Netfilter functionality when adding a rule with NFTA RULE CHAIN ID. This flaw allows a local user to crash or escalate their privileges on the system. The issue is related to incorrect handling in the nf tables newrule() function in the net/netfilter/nf tables api.c module. Exploitation of this issue may impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-911CWE-416

Identificadores relacionados

ALSA-2023:5069
ALSA-2023:5091
ALT-PU-2023-5060
ALT-PU-2023-5748
ALT-PU-2023-5787
ALT-PU-2023-7004
ALT-PU-2023-8474
ALT-PU-2024-6818
AZL-27897
BDU:2023-04657
CVE-2023-4147
DLA-3623-1
DSA-5480-1
DSA-5492-1
MGASA-2023-0250
MGASA-2023-0251
OESA-2023-1511
OESA-2023-1512
OESA-2023-1513
OPENSUSE-SU-2023_3599-1
OPENSUSE-SU-2023_3599-2
OPENSUSE-SU-2023_3600-1
OPENSUSE-SU-2023_3600-2
OPENSUSE-SU-2023_3656-1
OPENSUSE-SU-2023_3682-1
OPENSUSE-SU-2023_3683-1
OPENSUSE-SU-2023_3683-2
OPENSUSE-SU-2023_3684-1
OPENSUSE-SU-2023_3704-1
OPENSUSE-SU-2023_3704-2
OPENSUSE-SU-2023_3964-1
OPENSUSE-SU-2023_3969-1
OPENSUSE-SU-2023_3971-1
OPENSUSE-SU-2023_3988-1
OPENSUSE-SU-2023_4165-1
OPENSUSE-SU-2023_4166-1
RHSA-2023:5069
RHSA-2023:5091
RHSA-2023:5093
RHSA-2023:7382
RHSA-2023:7389
RHSA-2023:7411
RHSA-2023_5069
RHSA-2023_5091
RLSA-2023:5091
SUSE-SU-2023:3599-1
SUSE-SU-2023:3599-2
SUSE-SU-2023:3600-1
SUSE-SU-2023:3600-2
SUSE-SU-2023:3656-1
SUSE-SU-2023:3682-1
SUSE-SU-2023:3684-1
SUSE-SU-2023:3785-1
SUSE-SU-2023:3964-1
SUSE-SU-2023:3969-1
SUSE-SU-2023:3971-1
SUSE-SU-2023:3988-1
SUSE-SU-2023:4165-1
SUSE-SU-2023:4166-1
SUSE-SU-2023:4175-1
SUSE-SU-2023:4201-1
SUSE-SU-2023:4219-1
SUSE-SU-2023:4239-1
SUSE-SU-2023:4260-1
SUSE-SU-2023:4267-1
SUSE-SU-2023:4285-1
SUSE-SU-2023:4301-1
SUSE-SU-2023:4308-1
SUSE-SU-2023:4322-1
SUSE-SU-2023:4325-1
SUSE-SU-2023:4326-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse