Lucene search

K
cvelistGoogleCVELIST:CVE-2023-4623
HistorySep 06, 2023 - 1:56 p.m.

CVE-2023-4623 Use-after-free in Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component

2023-09-0613:56:57
CWE-416
Google
www.cve.org
3
vulnerability
linux kernel
net/sched
use-after-free
hfsc qdisc traffic control
local privilege escalation
link-sharing curve
parent
commit
b3d26c5702c7d6c45456326e56d2ccf3f103e60f

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%

A use-after-free vulnerability in the Linux kernel’s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.

If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.

We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.

CNA Affected

[
  {
    "vendor": "Linux",
    "product": "Kernel",
    "packageName": "kernel",
    "repo": "https://git.kernel.org",
    "versions": [
      {
        "status": "affected",
        "version": "2.6.12",
        "lessThan": "6.6",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%