A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.

References

bugzilla.redhat.com/show_bug.cgi?id=2213260

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1240eb93f0616b21c675416516ff3d74798fdc97

nvd.nist.gov/vuln/detail/CVE-2023-3390

www.cve.org/CVERecord?id=CVE-2023-3390

nessus 75

cvelist 2

f5 1

veracode 1

ubuntucve 3

oraclelinux 7

cbl_mariner 3

broadcom 1

osv 17

redhatcve 4

prion 3

amazon 2

redhat 26

githubexploit 5

almalinux 2

nvd 3

virtuozzo 2

cve 3

rocky 1

debiancve 2

alpinelinux 1

openvas 18

ubuntu 10

mageia 2

debian 3

ibm 2

nessus

Oracle Linux 8 : kernel (ELSA-2023-3349)

2023-06-02 00:00:00

AlmaLinux 8 : kpatch-patch (ALSA-2023:3351)

2023-06-05 00:00:00

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2023-046)

2023-06-06 00:00:00

cvelist

CVE-2023-32233

2023-05-08 00:00:00

CVE-2023-3390 Use-after-free in Linux kernel's netfilter subsystem

2023-06-28 20:02:07

K000135206 : Linux kernel vulnerability CVE-2023-32233

2023-06-23 00:00:00

veracode

Use-After-Free

2023-05-11 07:16:36

ubuntucve

CVE-2023-32233

2023-05-08 00:00:00

CVE-2023-3390

2023-06-28 00:00:00

CVE-2023-3117

2023-06-30 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2023-06-13 00:00:00

kernel security and bug fix update

2023-06-01 00:00:00

Unbreakable Enterprise kernel-container security update

2023-06-13 00:00:00

cbl_mariner

CVE-2023-32233 affecting package kernel 5.10.179.1-1

2023-06-13 20:02:41

CVE-2023-32233 affecting package kernel for versions less than 5.15.112.1-1

2023-06-02 21:37:28

CVE-2023-3390 affecting package kernel for versions less than 5.15.122.1-2

2023-08-10 16:37:57

broadcom

A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. (CVE-2023-32233)

2023-11-07 00:00:00

osv

CVE-2023-32233

2023-05-08 20:15:20

Important: kernel-rt security and bug fix update

2023-06-13 19:54:33

Important: kernel security and bug fix update

2023-05-30 00:00:00

redhatcve

CVE-2023-32233

2023-05-08 17:21:57

CVE-2023-6817

2023-12-18 20:27:05

CVE-2024-0193

2024-01-17 11:08:36

prion

Design/Logic Flaw

2023-05-08 20:15:00

Design/Logic Flaw

2023-06-28 21:15:00

Open redirect

2023-06-30 22:15:00

amazon

Important: kernel

2023-05-25 17:41:00

Important: kernel

2023-05-25 17:41:00

redhat

(RHSA-2023:3351) Important: kpatch-patch security update

2023-05-30 14:45:56

(RHSA-2023:3350) Important: kernel-rt security and bug fix update

2023-05-30 14:45:56

(RHSA-2023:3349) Important: kernel security and bug fix update

2023-05-30 14:45:55

githubexploit

Exploit for Use After Free in Linux Linux Kernel

2024-04-01 01:20:21

Exploit for Use After Free in Linux Linux Kernel

2023-05-16 02:22:26

Exploit for Use After Free in Linux Linux Kernel

2023-05-16 03:06:40

almalinux

Important: kernel security and bug fix update

2023-05-30 00:00:00

Important: kernel-rt security and bug fix update

2023-05-30 00:00:00

nvd

CVE-2023-32233

2023-05-08 20:15:20

CVE-2023-3390

2023-06-28 21:15:10

CVE-2023-3117

2023-06-30 22:15:10

virtuozzo

[Important] [Security] Virtuozzo ReadyKernel Patch 164.1 for Virtuozzo Hybrid Server 7.5

2023-11-28 00:00:00

[Important] [Security] Virtuozzo ReadyKernel Patch 163.1 for Virtuozzo Hybrid Server 7.5

2023-11-07 00:00:00

cve

CVE-2023-32233

2023-05-08 20:15:20

CVE-2023-3390

2023-06-28 21:15:10

CVE-2023-3117

2023-06-30 22:15:10

rocky

kernel-rt security and bug fix update

2023-06-13 19:54:33

debiancve

CVE-2023-3390

2023-06-28 21:15:10

CVE-2023-32233

2023-05-08 20:15:20

alpinelinux

CVE-2023-32233

2023-05-08 20:15:20

openvas

Ubuntu: Security Advisory (USN-6122-1)

2023-05-31 00:00:00

Mageia: Security Advisory (MGASA-2023-0238)

2023-07-20 00:00:00

Debian: Security Advisory (DSA-5402-1)

2023-05-15 00:00:00

ubuntu

Linux kernel (OEM) vulnerabilities

2023-05-30 00:00:00

Linux kernel vulnerabilities

2023-06-01 00:00:00

Linux kernel (IoT) vulnerabilities

2023-07-28 00:00:00

mageia

Updated kernel-linus packages fix security vulnerabilities

2023-07-19 22:53:31

Updated kernel packages fix security vulnerabilities

2023-07-19 22:53:31

debian

[SECURITY] [DLA 3446-1] linux-5.10 security update

2023-06-05 18:45:37

[SECURITY] [DSA 5402-1] linux security update

2023-05-13 11:20:28

[SECURITY] [DSA 5461-1] linux security update

2023-07-30 07:30:11

ibm

Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Elastic Storage System

2023-12-04 10:25:24

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities. [CVE-2022-42889, CVE-2023-35001, CVE-2023-32233]

2023-12-19 17:17:59

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for RH:CVE-2023-3390