Lucene search

K
cvelistGoogleCVELIST:CVE-2023-6817
HistoryDec 18, 2023 - 2:37 p.m.

CVE-2023-6817 Use-after-free in Linux kernel's netfilter: nf_tables component

2023-12-1814:37:05
CWE-416
Google
www.cve.org
3
use-after-free vulnerability
linux kernel
nf_tables
local privilege escalation
pipapo
commit 317eb9685095678f2c9f5a8189de698c5354316a

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.

We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

CNA Affected

[
  {
    "vendor": "Linux",
    "product": "Kernel",
    "packageName": "kernel",
    "repo": "https://git.kernel.org",
    "versions": [
      {
        "status": "affected",
        "version": "5.6",
        "lessThan": "6.7",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%