Lucene search

K
nvd[email protected]NVD:CVE-2023-4921
HistorySep 12, 2023 - 8:15 p.m.

CVE-2023-4921

2023-09-1220:15:10
CWE-416
web.nvd.nist.gov
9
linux kernel
use-after-free
sch_qfq
privilege escalation
vulnerability
local
upgrade
commit
qdisc
network packets

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%

A use-after-free vulnerability in the Linux kernel’s net/sched: sch_qfq component can be exploited to achieve local privilege escalation.

When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue().

We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.

Affected configurations

Nvd
Node
linuxlinux_kernelRange3.84.14.326
OR
linuxlinux_kernelRange4.154.19.295
OR
linuxlinux_kernelRange4.205.4.257
OR
linuxlinux_kernelRange5.55.10.195
OR
linuxlinux_kernelRange5.115.15.132
OR
linuxlinux_kernelRange5.166.1.54
OR
linuxlinux_kernelRange6.26.5.4
Node
debiandebian_linuxMatch10.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

5.1%