A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.
We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
References
Configurations
History
11 Jan 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Nov 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Oct 2023, 16:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.6 |
02 Oct 2023, 20:21
Type | Values Removed | Values Added |
---|---|---|
First Time |
Linux
Linux linux Kernel |
|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-416 | |
References | (MISC) https://kernel.dance/f15f29fd4779be8a418b66e9d52979bb6d6c2325 - Patch, Vendor Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f15f29fd4779be8a418b66e9d52979bb6d6c2325 - Patch |
27 Sep 2023, 15:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-27 15:19
Updated : 2024-02-28 20:33
NVD link : CVE-2023-5197
Mitre link : CVE-2023-5197
CVE.ORG link : CVE-2023-5197
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-416
Use After Free