kernel: use after free in nft_immediate_deactivate

A use-after-free flaw was found in the Linux kernel's netfilter: nftables component, which can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can unbind the chain and objects can be...

OESA-2023-1636 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2SESSIONSETUP commands. The issue results from the lack of control of resource consumption...

The vulnerability of the nft_immediate_deactivate() function in the net/netfilter/nft_immediate.c file of the netfilter network interface layer in the Linux operating system allows a hacker to trigger a service failure or exert other effects.

The vulnerability of the nftimmediatedeactivate function in the net/netfilter/nftimmediate.c file of the netfilter network interface layer in the Linux operating system is related to improper handling during rule creation. Exploiting this vulnerability could allow an attacker to cause service...

UBUNTU-CVE-2023-4015

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can lead unbinding the chain and objects be deactivate...

PT-2023-4318 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability in the Linux kernel's netfilter: nf tables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule,...