Source: Red Hat (redhat.com), RH:CVE-2023-3777
Sep 06, 2023 - 6:05 p.m.

CVE-2023-3777

Tags: linux kernel, nf_tables, use-after-free, local privilege escalation, netfilter, mitigation, blacklist mechanism

EPSS: 0.0004 (Low), percentile 5.2%

A use-after-free flaw was found in the Linux kernel’s netfilter: nf_tables component, which can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound, and the chain’s owner rule can release the objects in certain circumstances.

Mitigation

To mitigate this issue, skip loading the affected module "netfilter" onto the system until a fix is available. This can be done with a blacklist mechanism, which ensures the driver is not loaded at boot time.

How do I blacklist a kernel module to prevent it from loading automatically?  
https://access.redhat.com/solutions/41278
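
A check for the blacklist mitigation described above, as an added example that is not Red Hat's code: it reads modprobe.d-style files in a directory and reports whether a module has a blacklist line, an install override, or both. The module name nf_tables (the component named in the description), the temporary directory and its file names are assumptions made for the demonstration.

```sh
#!/bin/sh
# Added example (not Red Hat's code): report whether modprobe.d-style config
# files block a kernel module. A "blacklist" line alone only stops alias-based
# autoloading; an "install <module> /bin/false" line also makes an explicit
# modprobe of the module fail.
# Prints: blocked | blacklist-only | install-only | not-blocked
module_block_status() {
    mod=$(printf '%s' "$1" | tr '-' '_')   # modprobe treats - and _ alike
    dir=$2
    has_blacklist=0
    has_install=0
    for f in "$dir"/*.conf; do
        [ -f "$f" ] || continue            # no .conf files: glob stays literal
        while read -r directive name rest || [ -n "$directive" ]; do
            case $directive in ''|'#'*) continue ;; esac   # blank or comment
            name=$(printf '%s' "$name" | tr '-' '_')
            [ "$name" = "$mod" ] || continue
            case $directive in
                blacklist) has_blacklist=1 ;;
                install)
                    case $rest in
                        /bin/false|/bin/true|/usr/bin/false|/usr/bin/true)
                            has_install=1 ;;
                    esac ;;
            esac
        done < "$f"
    done
    case $has_blacklist$has_install in
        11) echo blocked ;;
        10) echo blacklist-only ;;
        01) echo install-only ;;
        *)  echo not-blocked ;;
    esac
}

# Constructed sample config in a temporary directory. The module name
# nf_tables and the file names are assumptions for this demonstration.
demo_dir=$(mktemp -d)
printf 'blacklist nf_tables\n' > "$demo_dir/partial.conf"
echo "blacklist line only: $(module_block_status nf_tables "$demo_dir")"
printf '# constructed sample\ninstall nf-tables /bin/false\n' > "$demo_dir/full.conf"
echo "with install override: $(module_block_status nf_tables "$demo_dir")"
rm -rf "$demo_dir"
```

On a real system the function can be pointed at /etc/modprobe.d; a result of blacklist-only means the module can still be loaded by an explicit modprobe.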