CVE-2023-6817

2023-12-1800:00:00

ubuntu.com

linux kernel

netfilter

use-after-free

local privilege escalation

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

JSON

A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables
component can be exploited to achieve local privilege escalation. The
function nft_pipapo_walk did not skip inactive elements during set walk
which could lead double deactivations of PIPAPO (Pile Packet Policies)
elements, leading to use-after-free. We recommend upgrading past commit
317eb9685095678f2c9f5a8189de698c5354316a.

Bugs

Notes

Author	Note
	Priority reason: By using unprivileged user namespaces, this can be exploited to achieve local privilege escalation.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchlinux< 5.15.0-92.102UNKNOWN
ubuntu23.10noarchlinux< 6.5.0-15.15UNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1052.57UNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1012.12UNKNOWN
ubuntu24.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1052.57~20.04.1UNKNOWN
ubuntu22.04noarchlinux-aws-6.2< 6.2.0-1018.18~22.04.1UNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1054.62UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	linux	< 5.15.0-92.102	UNKNOWN
ubuntu	23.10	noarch	linux	< 6.5.0-15.15	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1052.57	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< 6.5.0-1012.12	UNKNOWN
ubuntu	24.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1052.57~20.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.2	< 6.2.0-1018.18~22.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< 5.15.0-1054.62	UNKNOWN