CVSS3

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence: High
EPSS
Percentile: 5.1%
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when "tcf_exts_exec()" is called with the destroyed tcf_ext. A local attacker can use this vulnerability to elevate their privileges to root.
This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:* |
linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:* |
[
  {
    "defaultStatus": "unaffected",
    "packageName": "kernel",
    "product": "Linux Kernel",
    "repo": "https://git.kernel.org",
    "vendor": "Linux",
    "versions": [
      {
        "lessThanOrEqual": "6.2",
        "status": "affected",
        "version": "4.14",
        "versionType": "custom"
      }
    ]
  }
]
www.openwall.com/lists/oss-security/2023/04/11/3
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2
kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2
lists.debian.org/debian-lts-announce/2023/05/msg00005.html
lists.debian.org/debian-lts-announce/2023/05/msg00006.html
security.netapp.com/advisory/ntap-20230427-0004/