PT-2023-3663 · Linux+9 · Linux Kernel+9

Mingi Cho

·

Published

2023-07-05

·

Updated

2025-11-19

·

CVE-2023-31248

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description The issue is related to a use-after-free vulnerability in the nft chain lookup byid() function, which failed to check whether a chain was active and if CAP NET ADMIN is in any user or network namespace. This vulnerability can be exploited to escalate privileges, potentially impacting the confidentiality, integrity, and availability of protected information. The vulnerability is associated with a race condition due to concurrent access to a resource.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

ALSA-2023:5069
ALSA-2023:5091
ALT-PU-2023-4638
ALT-PU-2023-8472
ALT-PU-2024-4263
ALT-PU-2024-4843
BDU:2023-03947
CVE-2023-31248
DLA-3512-1
DSA-5453-1
LSN-0096-1
LSN-0097-1
MGASA-2023-0237
MGASA-2023-0243
OESA-2023-1435
OESA-2023-1436
OESA-2023-1437
OPENSUSE-SU-2023_3171-1
OPENSUSE-SU-2023_3172-1
OPENSUSE-SU-2023_3180-1
OPENSUSE-SU-2023_3182-1
OPENSUSE-SU-2023_3302-1
OPENSUSE-SU-2023_3318-1
OPENSUSE-SU-2023_3391-1
RHSA-2023:5069
RHSA-2023:5091
RHSA-2023:5093
RHSA-2023:5575
RHSA-2023:5603
RHSA-2023:5604
RHSA-2023_5069
RHSA-2023_5091
RLSA-2023:5091
ROSA-SA-2023-2241
SUSE-SU-2023:3171-1
SUSE-SU-2023:3172-1
SUSE-SU-2023:3180-1
SUSE-SU-2023:3182-1
SUSE-SU-2023:3302-1
SUSE-SU-2023:3318-1
SUSE-SU-2023:3391-1
SUSE-SU-2023:3421-1
SUSE-SU-2023:3772-1
SUSE-SU-2023:3773-1
SUSE-SU-2023:3783-1
SUSE-SU-2023:3784-1
SUSE-SU-2023:3892-1
SUSE-SU-2023:3922-1
SUSE-SU-2023:3923-1
SUSE-SU-2023:3928-1
SUSE-SU-2023_3171-1
SUSE-SU-2023_3172-1
SUSE-SU-2023_3180-1
SUSE-SU-2023_3182-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03613-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
SUSE-SU-2025_03600-1
SUSE-SU-2025_03634-1
SUSE-SU-2025_3751-1
SUSE-SU-2025_4057-1
SUSE-SU-2025_4132-1
SUSE-SU-2025_4141-1
USN-6246-1
USN-6247-1
USN-6248-1
USN-6250-1
USN-6255-1
USN-6260-1
USN-6285-1
ZDI-23-899

Affected Products

Alt Linux
Almalinux
Astra Linux
Linux Kernel
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu