Lucene search
Mingi Cho of TheoriZDI-23-899HistoryJul 06, 2023 - 12:00 a.m.
(Pwn2Own) Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability
2023-07-0600:00:00
Mingi Cho of Theori
www.zerodayinitiative.com
17
pwn2own
linux kernel
nftables
use-after-free
local privilege escalation
vulnerability
nft_chains
arbitrary code
0.0004 Low
EPSS
Percentile
16.1%
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of nft_chains. The issue results from the lack of validating the status of a chain while processing lookup on the chain. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.
Related
prion
prion
Privilege escalation
2023-07-05 19:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-31248
2023-07-05 19:15:09
debiancve
debiancve
CVE-2023-31248
2023-07-05 19:15:09
redhatcve
redhatcve
CVE-2023-31248
2023-07-10 18:17:47
cve
cve
CVE-2023-31248
2023-07-05 19:15:09
ubuntucve
ubuntucve
CVE-2023-31248
2023-07-05 00:00:00
openvas
openvas
Fedora: Security Advisory for kernel-headers (FEDORA-2023-3661f028b8)
2023-07-26 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2023-3661f028b8)
2023-07-26 00:00:00
Fedora: Security Advisory for kernel-tools (FEDORA-2023-e4e985b5dd)
2023-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: kernel-headers-6.4.4-200.fc38
2023-07-23 01:30:41
[SECURITY] Fedora 37 Update: kernel-headers-6.4.4-100.fc37
2023-07-23 01:25:12
[SECURITY] Fedora 37 Update: kernel-6.4.4-100.fc37
2023-07-23 01:25:12
nessus
nessus
Fedora 37 : kernel / kernel-headers / kernel-tools (2023-3661f028b8)
2023-07-23 00:00:00
Fedora 38 : kernel / kernel-headers / kernel-tools (2023-e4e985b5dd)
2023-07-23 00:00:00
Debian DSA-5453-1 : linux - security update
2023-07-17 00:00:00
debian
debian
[SECURITY] [DSA 5453-1] linux security update
2023-07-16 21:39:59
[SECURITY] [DLA 3512-1] linux-5.10 security update
2023-08-02 15:00:39
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-07-27 01:07:49
Updated kernel packages fix security vulnerabilities
2023-07-19 22:53:31
osv
osv
redhat
redhat
(RHSA-2023:5575) Important: kpatch-patch security update
2023-10-10 10:06:23
(RHSA-2023:5093) Important: kpatch-patch security update
2023-09-12 07:46:19
(RHSA-2023:5604) Important: kernel security and bug fix update
2023-10-10 14:20:39
ubuntu
ubuntu
Kernel Live Patch Security Notice
2023-07-25 00:00:00
Linux kernel (OEM) vulnerabilities
2023-07-25 00:00:00
Linux kernel vulnerabilities
2023-07-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2241
2023-10-10 09:26:01
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-09-15 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0457
2023-08-25 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0059
2023-07-28 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-09-12 00:00:00
Important: kernel-rt security and bug fix update
2023-09-12 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2023-09-19 12:09:59
ibm
ibm
redos
redos
ROS-20230904-01
2023-09-04 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-11-21 21:37:49