Lucene search
GoogleCVELIST:CVE-2023-3609HistoryJul 21, 2023 - 8:47 p.m.
CVE-2023-3609 Use-after-free in Linux kernel's net/sched: cls_u32 component
2023-07-2120:47:12
CWE-416
Google
raw.githubusercontent.com
3
linux kernel
net/sched
cls_u32 component
use-after-free
vulnerability
privilege escalation
tcf_change_indev()
u32_set_parms()
tcf_bind_filter()
reference counter
commit 04c55383fa5689357bcdd2c8036725a55ed632bc
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_u32 component can be exploited to achieve local privilege escalation.
If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.
We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
Related
debiancve
debiancve
CVE-2023-3609
2023-07-21 21:15:11
ubuntucve
ubuntucve
CVE-2023-3609
2023-07-21 00:00:00
ibm
ibm
cbl_mariner
cbl_mariner
CVE-2023-3609 affecting package kernel 5.10.185.1-1
2023-08-15 16:37:27
CVE-2023-3609 affecting package kernel for versions less than 5.15.122.1-2
2023-08-10 16:37:57
redhatcve
redhatcve
CVE-2023-3609
2023-07-25 12:47:15
f5
f5
K000137790 : Linux kernel vulnerability CVE-2023-3609
2023-12-05 00:00:00
cnvd
cnvd
Linux has a binary vulnerability
2024-01-22 00:00:00
cve
cve
CVE-2023-3609
2023-07-21 21:15:11
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2023-3609)
2023-08-11 00:00:00
RHEL 8 : kpatch-patch (RHSA-2023:7410)
2023-11-21 00:00:00
RHEL 7 : kernel (RHSA-2023:7294)
2023-11-15 00:00:00
githubexploit
githubexploit
Exploit for Use After Free in Linux Linux Kernel
2023-09-01 10:44:56
prion
prion
Design/Logic Flaw
2023-07-21 21:15:00
redhat
redhat
(RHSA-2023:7294) Important: kernel security update
2023-11-15 19:27:38
(RHSA-2023:7410) Important: kpatch-patch security update
2023-11-21 09:55:12
(RHSA-2023:5622) Important: kernel security and bug fix update
2023-10-10 14:35:56
amazon
amazon
Important: kernel
2023-08-03 18:09:00
Important: kernel
2023-08-03 20:16:00
Important: kernel
2023-08-03 18:09:00
oraclelinux
oraclelinux
kernel security and bug fix update
2023-10-11 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp vulnerabilities
2023-08-29 21:12:53
linux-raspi, linux-raspi-5.4 vulnerabilities
2023-09-06 14:11:44
linux-gkeop vulnerabilities
2023-08-31 13:23:41
ubuntu
ubuntu
Linux kernel (GKE) vulnerabilities
2023-08-31 00:00:00
Linux kernel vulnerabilities
2023-08-29 00:00:00
Linux kernel (Raspberry Pi) vulnerabilities
2023-09-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6346-1)
2023-09-07 00:00:00
Ubuntu: Security Advisory (USN-6324-1)
2023-09-01 00:00:00
Ubuntu: Security Advisory (USN-6317-1)
2023-08-30 00:00:00
virtuozzo
virtuozzo
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0644
2023-09-06 00:00:00