PT-2023-4716 · Linux+7 · Linux Kernel+7

Lonial Con

·

Published

2023-08-16

·

Updated

2026-03-14

·

CVE-2023-4569

CVSS v2.0

6.2

Medium

VectorAV:L/AC:L/Au:S/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A memory leak flaw was found in the nft set catchall flush function in the net/netfilter/nf tables api.c component of the Linux kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. The exploitation of this flaw is related to the repeated freeing of previously freed memory, which may allow an attacker to access protected information or cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-415CWE-402CWE-401

Related Identifiers

ALT-PU-2023-5748
ALT-PU-2023-5787
ALT-PU-2023-7004
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-28545
BDU:2023-05142
CVE-2023-4569
DSA-5492-1
LSN-0102-1
LSN-0103-1
OPENSUSE-SU-2023_3599-1
OPENSUSE-SU-2023_3599-2
OPENSUSE-SU-2023_3600-1
OPENSUSE-SU-2023_3600-2
OPENSUSE-SU-2023_3656-1
OPENSUSE-SU-2023_3682-1
OPENSUSE-SU-2023_3683-1
OPENSUSE-SU-2023_3683-2
OPENSUSE-SU-2023_3704-1
OPENSUSE-SU-2023_3704-2
OPENSUSE-SU-2023_3964-1
OPENSUSE-SU-2023_3969-1
OPENSUSE-SU-2023_3971-1
OPENSUSE-SU-2023_3988-1
SUSE-SU-2023:3599-1
SUSE-SU-2023:3599-2
SUSE-SU-2023:3600-1
SUSE-SU-2023:3600-2
SUSE-SU-2023:3656-1
SUSE-SU-2023:3682-1
SUSE-SU-2023:3964-1
SUSE-SU-2023:3969-1
SUSE-SU-2023:3971-1
SUSE-SU-2023:3988-1
USN-6383-1
USN-6384-1
USN-6385-1
USN-6386-1
USN-6386-2
USN-6386-3
USN-6466-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu