Lucene search

K
redhatcveRedhat.comRH:CVE-2023-52581
HistoryMar 04, 2024 - 6:27 p.m.

CVE-2023-52581

2024-03-0418:27:36
redhat.com
access.redhat.com
7
linux kernel
nftables
use-after-free
local attacker
crash
system
race problem
set gc
transaction
source code
mitigation
blacklist mechanism

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

10.3%

A use-after-free flaw was found in the Linux kernel’s nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system. This flaw is similar to the previous CVE-2023-4244 but for a different part of the source code.

Mitigation

Mitigation for this issue is to skip loading the affected module "nftables" onto the system until we have an available fix. This can be done by a blacklist mechanism and will ensure the driver is not loaded at the boot time.

How do I blacklist a kernel module to prevent it from loading automatically?  
https://access.redhat.com/solutions/41278   

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

10.3%