CVE-2023-6040

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 5.18-rc1 Linux Kernel versions 5.4.y Linux Kernel versions 5.10.y Linux Kernel versions 5.15.y

Description The issue is related to an out-of-bounds access vulnerability in the nf tables newtable function of the Linux Kernel's netfilter module. This vulnerability can be exploited to gain unauthorized access to protected information. The lack of a safeguard against invalid nf tables family values within the nf tables newtable function enables an attacker to achieve out-of-bounds access. Disabling unprivileged user namespaces can mitigate the issue.

Recommendations For Linux Kernel versions 5.4.y, consider disabling unprivileged user namespaces to minimize the risk of exploitation. For Linux Kernel versions 5.10.y, consider disabling unprivileged user namespaces to minimize the risk of exploitation. For Linux Kernel versions 5.15.y, consider disabling unprivileged user namespaces to minimize the risk of exploitation. For Linux Kernel versions prior to 5.18-rc1, consider disabling unprivileged user namespaces to minimize the risk of exploitation. As a temporary workaround, consider restricting the use of the nf tables newtable function until a patch is available.