Lucene search
F5F5:K000138731HistoryFeb 27, 2024 - 12:00 a.m.
K000138731 : Linux vulnerability CVE-2023-3776
2024-02-2700:00:00
my.f5.com
17
linux
cls_fw component
local privilege escalation
use-after-free vulnerability
cve-2023-3776
net/sched
tcf_change_indev()
fw_set_parms()
Security Advisory Description
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f. (CVE-2023-3776)
Impact
This vulnerability may allow a local attacker to gain local privilege escalation.
Related
cve
cve
CVE-2023-3776
2023-07-21 21:15:11
cbl_mariner
cbl_mariner
CVE-2023-3776 affecting package kernel for versions less than 5.15.122.1-2
2023-08-10 16:37:57
CVE-2023-3776 affecting package kernel 5.10.185.1-1
2023-08-15 16:37:27
debiancve
debiancve
CVE-2023-3776
2023-07-21 21:15:11
redhatcve
redhatcve
CVE-2023-3776
2023-07-25 15:47:39
prion
prion
Design/Logic Flaw
2023-07-21 21:15:00
ubuntucve
ubuntucve
CVE-2023-3776
2023-07-21 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2023-3776)
2023-08-11 00:00:00
RHEL 8 : kpatch-patch (RHSA-2023:7410)
2023-11-21 00:00:00
RHEL 7 : kernel (RHSA-2023:7294)
2023-11-15 00:00:00
nvd
nvd
CVE-2023-3776
2023-07-21 21:15:11
cvelist
cvelist
CVE-2023-3776 Use-after-free in Linux kernel's net/sched: cls_fw component
2023-07-21 20:49:53
redhat
redhat
(RHSA-2023:7294) Important: kernel security update
2023-11-15 19:27:38
(RHSA-2023:7410) Important: kpatch-patch security update
2023-11-21 09:55:12
(RHSA-2023:5775) Important: kpatch-patch security update
2023-10-17 08:57:35
amazon
amazon
Important: kernel
2023-08-03 20:16:00
Important: kernel
2023-08-03 18:09:00
Important: kernel
2023-08-03 18:09:00
oraclelinux
oraclelinux
kernel security update
2024-04-22 00:00:00
kernel security, bug fix, and enhancement update
2023-09-21 00:00:00
kernel security update
2023-11-22 00:00:00
osv
osv
linux-gkeop vulnerabilities
2023-08-31 13:23:41
linux vulnerabilities
2023-09-06 00:11:17
linux-gcp-5.4, linux-oracle-5.4 vulnerabilities
2023-08-31 22:07:37
openvas
openvas
Ubuntu: Security Advisory (USN-6329-1)
2023-09-01 00:00:00
Ubuntu: Security Advisory (USN-6341-1)
2023-09-06 00:00:00
Ubuntu: Security Advisory (USN-6317-1)
2023-08-30 00:00:00
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2023-09-06 00:00:00
Linux kernel vulnerabilities
2023-08-31 00:00:00
Linux kernel vulnerabilities
2023-08-29 00:00:00
ibm
ibm
virtuozzo
virtuozzo
rocky
rocky
kernel security, bug fix, and enhancement update
2023-10-06 22:19:15
kernel security, bug fix, and enhancement update
2023-09-26 13:26:05
kernel-rt security and bug fix update
2023-09-19 12:09:59
centos
centos
bpftool, kernel, perf, python security update
2024-01-12 19:36:38
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-09-19 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-09-12 00:00:00
Important: kernel-rt security and bug fix update
2023-09-12 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0457
2023-08-25 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0059
2023-07-28 00:00:00