Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2023-1829

Published: 12/04/2023 Updated: 05/10/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Linux

Vulnerability Summary

This vulnerability allows local malicious users to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the tcindex module. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 82 Update Services for SAP SolutionsRed Hat Produ ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this upd ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch-4_18_0-147_78_1, kpatch-patch-4_18_0-147_80_1, kpatch-patch-4_18_0-147_81_1, kpatch-patch-4_18_0- ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Product Security ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Securit ...
Red Hat: Important: kpatch-patch security update
概述 Important: kpatch-patch security update 类型/严重性 Security Advisory: Important Red Hat Insights 补丁分析 识别并修复受此公告影响的系统。 查看受影响的系统 标题 An update for kpatch-patch is now available for Red Hat Enterprise Linux 84 Update Services for SAP SolutionsRed Hat Product Securi ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Advanced Mission Critical Update Support, ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Red Hat: Important: kernel-rt security update
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 82 Telecommunications Update ServiceRed Hat Product Sec ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise Lin ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat P ...
Red Hat:
DescriptionThe MITRE CVE dictionary describes this issue as: A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure whic ...

Github Repositories

https://github.com/lanleft/CVE2023-1829

CVE-2023-1829 The exploitation is tested on Ubuntu2204 official source code 5150-2525 Installing dependences for some netlink filter functions sudo apt install libnftnl-dev libmnl-dev Building step: make References githubcom/randorisec/CVE-2022-34918-LPE-PoC/tree/main

https://github.com/N1ghtu/RWCTF5th-RIPTC

Exploit for Real World CTF 6th RIPTC.

RWCTF6th-RIPTC Preface RIPTC is a hard (1 solve/ 2291 teams) realworld linux kernel challenge in Real World CTF 6th And I managed to solve it after a day's hard work playing the CTF with Nu1L Before we start Because there's already some really cool and excellent material out there, I won’t go into Linux Traffic Control subsystem's detail here If you are

https://github.com/N1ghtu/RWCTF6th-RIPTC

Exploit for Real World CTF 6th RIPTC.

RWCTF6th-RIPTC Preface RIPTC is a hard (1 solve/ 2291 teams) realworld linux kernel challenge in Real World CTF 6th And I managed to solve it after a day's hard work playing the CTF with Nu1L Before we start Because there's already some really cool and excellent material out there, I won’t go into Linux Traffic Control subsystem's detail here If you are

References

CWE-416https://kernel.dance/#8c710f75256bb3cf05ac7b1672c82b92c43f3d28https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c710f75256bb3cf05ac7b1672c82b92c43f3d28https://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlhttps://lists.debian.org/debian-lts-announce/2023/05/msg00006.htmlhttps://security.netapp.com/advisory/ntap-20230601-0001/https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2023:7417https://github.com/N1ghtu/RWCTF5th-RIPTChttps://www.zerodayinitiative.com/advisories/ZDI-23-898/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook