Lucene search
PRIOn knowledge basePRION:CVE-2023-4206HistorySep 06, 2023 - 2:15 p.m.
Design/Logic Flaw
2023-09-0614:15:00
PRIOn knowledge base
www.prio-n.com
12
linux kernel
net/sched
cls_route
local privilege escalation
use-after-free
vulnerability
privilege escalation
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_route component can be exploited to achieve local privilege escalation.
When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free.
We recommend upgrading past commit b80b829e9e2c1b3f7aae34855e04d8f6ecaf13c8.
Related
cnvd
cnvd
Linux kernel elevation of privilege vulnerability (CNVD-2023-70082)
2023-09-11 00:00:00
cvelist
cvelist
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2023-4206)
2023-09-28 00:00:00
RHEL 8 : kpatch-patch (RHSA-2023:7558)
2024-01-26 00:00:00
CentOS 7 : kpatch-patch (RHSA-2023:7419)
2023-12-22 00:00:00
nvd
nvd
CVE-2023-4206
2023-09-06 14:15:11
CVE-2023-4128
2023-08-10 17:15:12
debiancve
debiancve
CVE-2023-4206
2023-09-06 14:15:11
cbl_mariner
cbl_mariner
CVE-2023-4206 affecting package kernel for versions less than 5.15.131.1-2
2023-09-27 18:02:50
cve
cve
CVE-2023-4206
2023-09-06 14:15:11
CVE-2023-4128
2023-08-10 17:15:12
amazon
amazon
Important: kernel
2023-09-27 22:48:00
Important: kernel
2023-09-13 23:15:00
Important: kernel
2023-09-27 22:48:00
ubuntucve
ubuntucve
CVE-2023-4206
2023-09-06 00:00:00
CVE-2023-4128
2023-08-10 00:00:00
f5
f5
redhatcve
redhatcve
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by vulnerabilities in the Linux Kernel
2024-01-24 18:45:22
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management
2024-01-12 16:31:57
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
2024-02-14 19:15:02
redhat
redhat
(RHSA-2023:7558) Important: kpatch-patch security update
2023-11-28 18:38:37
(RHSA-2024:0261) Important: kernel security update
2024-01-16 15:43:53
(RHSA-2023:7419) Important: kpatch-patch security update
2023-11-21 14:42:55
oraclelinux
oraclelinux
kernel security update
2023-11-22 00:00:00
Unbreakable Enterprise kernel security update
2023-10-03 00:00:00
kernel security, bug fix, and enhancement update
2023-11-12 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2024-01-12 19:36:38
openvas
openvas
CentOS: Security Advisory for bpftool (CESA-2023:7423)
2024-03-05 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3501)
2023-12-22 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3182)
2023-11-10 00:00:00
osv
osv
linux - security update
2023-09-09 00:00:00
linux - security update
2024-01-10 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00
debian
debian
[SECURITY] [DSA 5492-1] linux security update
2023-09-09 21:40:04
[SECURITY] [DLA 3710-1] linux security update
2024-01-11 18:20:04
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-11-21 21:37:49