PT-2023-1958 · Linux+10 · Linux Kernel+10

Valis

·

Published

2023-02-22

·

Updated

2024-04-15

·

CVE-2023-1281

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel versions 4.14 through the version before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2
Description A Use After Free vulnerability in the Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when tcf exts exec() is called with the destroyed tcf ext. A local attacker user can use this vulnerability to elevate its privileges to root.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:4517
ALSA-2023:4541
ALT-PU-2023-1331
ALT-PU-2023-1332
ALT-PU-2023-1355
ALT-PU-2023-1372
ALT-PU-2023-1373
ALT-PU-2023-1378
ALT-PU-2023-1407
ALT-PU-2023-1409
ALT-PU-2023-1497
ALT-PU-2023-1503
ALT-PU-2023-4894
ALT-PU-2024-4263
ALT-PU-2024-4843
AZL-25690
BDU:2023-01571
CESA-2023_4517
CESA-2023_4531
CESA-2023_4541
CVE-2023-1281
DLA-3403-1
DLA-3404-1
LSN-0094-1
OESA-2023-1187
OESA-2023-1188
OESA-2023-1197
OESA-2023-1209
RHSA-2023:3852
RHSA-2023:3853
RHSA-2023:4125
RHSA-2023:4126
RHSA-2023:4130
RHSA-2023:4145
RHSA-2023:4146
RHSA-2023:4255
RHSA-2023:4256
RHSA-2023:4262
RHSA-2023:4517
RHSA-2023:4531
RHSA-2023:4541
RHSA-2023_4517
RHSA-2023_4541
RLSA-2023:4517
RLSA-2023:4541
SUSE-SU-2023:1800-1
SUSE-SU-2023:1801-1
SUSE-SU-2023:1802-1
SUSE-SU-2023:1803-1
SUSE-SU-2023:1811-1
SUSE-SU-2023:1848-1
SUSE-SU-2023:1892-1
SUSE-SU-2023:1894-1
SUSE-SU-2023:1897-1
SUSE-SU-2023:1992-1
SUSE-SU-2023:2369-1
SUSE-SU-2023:2371-1
SUSE-SU-2023:2376-1
SUSE-SU-2023:2384-1
SUSE-SU-2023:2389-1
SUSE-SU-2023:2399-1
SUSE-SU-2023:2405-1
SUSE-SU-2023:2415-1
SUSE-SU-2023:2416-1
SUSE-SU-2023:2423-1
SUSE-SU-2023:2425-1
SUSE-SU-2023:2431-1
SUSE-SU-2023:2442-1
SUSE-SU-2023:2443-1
SUSE-SU-2023:2448-1
SUSE-SU-2023:2453-1
SUSE-SU-2023:2455-1
SUSE-SU-2023:2459-1
SUSE-SU-2023:2468-1
SUSE-SU-2023:4273-1
SUSE-SU-2023:4280-1
SUSE-SU-2023:4319-1
USN-5977-1
USN-5978-1
USN-6024-1
USN-6025-1
USN-6027-1
USN-6029-1
USN-6030-1
USN-6031-1
USN-6040-1
USN-6057-1
USN-6093-1
USN-6134-1
USN-6222-1
USN-6256-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu