A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:5069 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:5091 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:5093 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7382 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7389 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2023:7411 | Third Party Advisory |
https://access.redhat.com/security/cve/CVE-2023-4147 | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2225239 | Issue Tracking Patch Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211 | Mailing List Patch |
https://www.spinics.net/lists/stable/msg671573.html | Mailing List Patch |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
16 Sep 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Aug 2024, 16:08
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2023:7382 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:7389 - Third Party Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:7411 - Third Party Advisory |
21 Nov 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Nov 2023, 02:17
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian debian Linux
Redhat enterprise Linux Eus Redhat enterprise Linux For Real Time Redhat enterprise Linux Server Aus Redhat enterprise Linux For Real Time For Nfv Debian |
|
References | (MISC) https://www.debian.org/security/2023/dsa-5480 - Third Party Advisory | |
References | (MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html - Mailing List, Third Party Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:5093 - Third Party Advisory | |
References | (MISC) https://www.debian.org/security/2023/dsa-5492 - Third Party Advisory | |
References | (MISC) https://security.netapp.com/advisory/ntap-20231020-0006/ - Third Party Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:5069 - Third Party Advisory | |
References | (MISC) https://access.redhat.com/errata/RHSA-2023:5091 - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
20 Oct 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Oct 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Sep 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Sep 2023, 12:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Aug 2023, 18:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Aug 2023, 14:27
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2225239 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://www.spinics.net/lists/stable/msg671573.html - Mailing List, Patch | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211 - Mailing List, Patch | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-4147 - Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Fedoraproject
Linux Redhat Linux linux Kernel Fedoraproject fedora Redhat enterprise Linux |
|
CPE | cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* |
|
CWE | CWE-416 |
07 Aug 2023, 15:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-07 14:15
Updated : 2024-09-16 13:15
NVD link : CVE-2023-4147
Mitre link : CVE-2023-4147
CVE.ORG link : CVE-2023-4147
JSON object : View
Products Affected
linux
- linux_kernel
debian
- debian_linux
redhat
- enterprise_linux_server_aus
- enterprise_linux_for_real_time
- enterprise_linux
- enterprise_linux_for_real_time_for_nfv
- enterprise_linux_eus
fedoraproject
- fedora
CWE
CWE-416
Use After Free