Lucene search
Redhat.comRH:CVE-2023-4623HistorySep 07, 2023 - 7:35 a.m.
CVE-2023-4623
2023-09-0707:35:57
redhat.com
access.redhat.com
112
linux kernel
use-after-free
local privilege escalation
sch_hfsc
mitigation
module blacklisting
A use-after-free flaw was found in the Linux kernel’s net/sched: sch_hfsc (HFSC qdisc traffic control) component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSC_FSC flag set, has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free issue.
Mitigation
To mitigate this issue, prevent the module sch_hfsc from being loaded by blacklisting the module to prevent it from loading automatically.
https://access.redhat.com/solutions/41278
Related
nessus
nessus
RHEL 7 : kernel (RHSA-2024:1747)
2024-04-10 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2023-13039)
2023-12-12 00:00:00
debiancve
debiancve
CVE-2023-4623
2023-09-06 14:15:12
openvas
openvas
ubuntucve
ubuntucve
CVE-2023-4623
2023-09-06 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-4623 affecting package kernel for versions less than 5.15.135.1-2
2023-11-08 02:07:28
cvelist
cvelist
prion
prion
Design/Logic Flaw
2023-09-06 14:15:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-12-11 00:00:00
kernel security update
2024-02-09 00:00:00
kernel security update
2024-02-29 00:00:00
redhat
redhat
(RHSA-2024:1747) Important: kernel security update
2024-04-10 07:51:25
(RHSA-2024:1960) Important: kpatch-patch security update
2024-04-23 00:08:42
(RHSA-2024:1746) Important: kernel security update
2024-04-10 07:51:22
cnvd
cnvd
Linux kernel elevation of privilege vulnerability (CNVD-2023-70079)
2023-09-11 00:00:00
cve
cve
CVE-2023-4623
2023-09-06 14:15:12
virtuozzo
virtuozzo
amazon
amazon
Important: kernel
2023-09-27 22:48:00
Important: kernel
2023-09-27 22:15:00
Important: kernel
2023-09-27 22:48:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-10-30 00:00:00
Linux kernel (OEM) vulnerabilities
2023-10-04 00:00:00
Linux kernel (GCP) vulnerabilities
2023-10-23 00:00:00
osv
osv
linux vulnerabilities
2023-10-30 20:42:30
linux-oem-6.1 vulnerabilities
2023-10-04 20:59:37
linux-gcp-5.4 vulnerabilities
2023-10-23 18:07:08
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0488
2023-10-12 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0656
2023-09-27 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0101
2023-09-26 00:00:00
cloudlinux
cloudlinux
kernel: Fix of 13 CVEs
2024-01-17 12:28:37
kernel: Fix of 13 CVEs
2024-01-17 12:32:48
