ALASKERNEL-5.15-2023-028

Related Vulnerabilities: CVE-2023-4244, CVE-2023-42754, CVE-2023-42756, CVE-2023-5197



Amazon Linux 2 Security Advisory: ALASKERNEL-5.15-2023-028
Advisory Release Date: 2023-10-12 17:29 Pacific
Advisory Updated Date: 2023-10-17 22:14 Pacific
Severity: Important

Issue Overview:

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability.

We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8. (CVE-2023-4244)

ipv4: fix null-deref in ipv4_link_failure

NOTE: https://www.openwall.com/lists/oss-security/2023/10/02/8
NOTE: https://git.kernel.org/linus/0113d9c9d1ccc07f5a3710dac4aa24b6d711278c (6.6-rc3) (CVE-2023-42754)

A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system. (CVE-2023-42756)

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

Addition and removal of rules from chain bindings within the same transaction leads to a use-after-free.

We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325. (CVE-2023-5197)


Affected Packages:

kernel


Issue Correction:
Run `yum update kernel` to update your system.

New Packages:
aarch64:
    kernel-5.15.134-87.145.amzn2.aarch64
    kernel-headers-5.15.134-87.145.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.15.134-87.145.amzn2.aarch64
    perf-5.15.134-87.145.amzn2.aarch64
    perf-debuginfo-5.15.134-87.145.amzn2.aarch64
    python-perf-5.15.134-87.145.amzn2.aarch64
    python-perf-debuginfo-5.15.134-87.145.amzn2.aarch64
    kernel-tools-5.15.134-87.145.amzn2.aarch64
    kernel-tools-devel-5.15.134-87.145.amzn2.aarch64
    kernel-tools-debuginfo-5.15.134-87.145.amzn2.aarch64
    bpftool-5.15.134-87.145.amzn2.aarch64
    bpftool-debuginfo-5.15.134-87.145.amzn2.aarch64
    kernel-devel-5.15.134-87.145.amzn2.aarch64
    kernel-debuginfo-5.15.134-87.145.amzn2.aarch64
    kernel-livepatch-5.15.134-87.145-1.0-0.amzn2.aarch64

i686:
    kernel-headers-5.15.134-87.145.amzn2.i686

src:
    kernel-5.15.134-87.145.amzn2.src

x86_64:
    kernel-5.15.134-87.145.amzn2.x86_64
    kernel-headers-5.15.134-87.145.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.15.134-87.145.amzn2.x86_64
    perf-5.15.134-87.145.amzn2.x86_64
    perf-debuginfo-5.15.134-87.145.amzn2.x86_64
    python-perf-5.15.134-87.145.amzn2.x86_64
    python-perf-debuginfo-5.15.134-87.145.amzn2.x86_64
    kernel-tools-5.15.134-87.145.amzn2.x86_64
    kernel-tools-devel-5.15.134-87.145.amzn2.x86_64
    kernel-tools-debuginfo-5.15.134-87.145.amzn2.x86_64
    bpftool-5.15.134-87.145.amzn2.x86_64
    bpftool-debuginfo-5.15.134-87.145.amzn2.x86_64
    kernel-devel-5.15.134-87.145.amzn2.x86_64
    kernel-debuginfo-5.15.134-87.145.amzn2.x86_64
    kernel-livepatch-5.15.134-87.145-1.0-0.amzn2.x86_64
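
To confirm that a host has picked up the fix, the following added example (not part of the Amazon advisory) classifies a kernel release string against the fixed build 5.15.134-87.145.amzn2 from the package list above. The function names and the `--check` flag are this example's own, and it assumes release strings of the form `<version>-<release>.amzn2.<arch>`, as in the package names listed here.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a kernel release string
# against the fixed 5.15 build listed under "New Packages".
FIXED="5.15.134-87.145"

# ver_ge A B: succeed when numeric version A >= B, comparing field by field
# after splitting on "." and "-". Missing fields in A count as 0.
ver_ge() {
    a=$(printf '%s' "$1" | sed 's/[.-]/ /g')
    b=$(printf '%s' "$2" | sed 's/[.-]/ /g')
    set -- $a
    for y in $b; do
        x=${1:-0}
        [ $# -gt 0 ] && shift
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# classify_kernel RELEASE: prints fixed | vulnerable | not-applicable | unknown
classify_kernel() {
    case "$1" in
        5.15.*.amzn2|5.15.*.amzn2.*) ;;          # only the AL2 5.15 stream
        *) echo "not-applicable"; return 0 ;;
    esac
    # Drop the ".amzn2" dist tag and the optional ".<arch>" suffix.
    ver=$(printf '%s' "$1" | sed -E 's/\.amzn2(\.[A-Za-z0-9_]+)?$//')
    case "$ver" in
        *[!0-9.-]*) echo "unknown"; return 0 ;;  # non-numeric field, do not guess
    esac
    if ver_ge "$ver" "$FIXED"; then echo "fixed"; else echo "vulnerable"; fi
}

# With --check, report the running kernel and every installed kernel package.
# A "fixed" installed kernel next to a "vulnerable" running one means the
# update is installed but the host has not been rebooted into it.
if [ "${1:-}" = "--check" ]; then
    echo "running   $(uname -r): $(classify_kernel "$(uname -r)")"
    rpm -q kernel --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' |
    while read -r k; do echo "installed $k: $(classify_kernel "$k")"; done
fi
```

Kernels from other Amazon Linux 2 streams report `not-applicable` because this advisory covers only the 5.15 kernel.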