Lucene search

K
nvd[email protected]NVD:CVE-2023-6817
HistoryDec 18, 2023 - 3:15 p.m.

CVE-2023-6817

2023-12-1815:15:10
CWE-416
web.nvd.nist.gov
10
use-after-free
nf_tables
local privilege escalation
pipapo
linux kernel
upgrade
commit 317eb9685095678f2c9f5a8189de698c5354316a
netfilter
vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.

We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

Affected configurations

Nvd
Node
linuxlinux_kernelRange5.65.10.204
OR
linuxlinux_kernelRange5.115.15.143
OR
linuxlinux_kernelRange5.166.1.68
OR
linuxlinux_kernelRange6.26.6.7
OR
linuxlinux_kernelMatch6.7rc1
OR
linuxlinux_kernelMatch6.7rc2
OR
linuxlinux_kernelMatch6.7rc3
OR
linuxlinux_kernelMatch6.7rc4
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*
linuxlinux_kernel6.7cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%