7.8
CVSSv3

CVE-2023-4208

Published: 06/09/2023 Updated: 15/02/2024
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 12.0

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result in denial of service (significant in ...
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat P ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Securit ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 77 Advanced Update SupportRed Hat Product Security has rated ...
概要 Important: kernel security, bug fix, and enhancement update タイプ/重大度 Security Advisory: Important Red Hat Insights パッチ分析 このアドバイザリーの影響を受けるシステムを特定し、修正します。 影響を受けるシステムの表示 トピック An update for kernel is now available ...
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Advanced Update SupportRed Hat Product Security has rated ...
Synopsis Low: Logging Subsystem 581- Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Synopsis Low: Logging Subsystem 5710 - Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic Low: Logging Subsystem 5710 - Red Hat OpenShift security updateRed Hat Product Security has rated this update as having a security impact of low A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed Hat Product Security has ...
概要 Important: OpenShift Container Platform 411 low-latency extras update タイプ/重大度 Security Advisory: Important トピック An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411 Secondary scheduler builds ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Securit ...
Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as havin ...
概要 Important: kernel security update タイプ/重大度 Security Advisory: Important Red Hat Insights パッチ分析 このアドバイザリーの影響を受けるシステムを特定し、修正します。 影響を受けるシステムの表示 トピック An update for kernel is now available for Red Hat Enterprise Lin ...
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Synopsis Important: OpenShift Container Platform 4142 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 4142 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...
DescriptionThe MITRE CVE dictionary describes this issue as: A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter This causes a prob ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter This causes a problem when updating a filter bound to a class, as tcf_unbi ...
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances We recommend upgrading past commi ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter This causes a problem when updating a filter bound to a class, as tcf_unbi ...
A use-after-free vulnerability in the Linux kernel's net/sched: cls_route component can be exploited to achieve local privilege escalation When route4_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter This causes a problem when updating a filter bound to a class, as tcf_unbi ...
The Stable channel is being updated to OS version: 15572500 Browser version: 11705938115 for most ChromeOS devicesIf you find new issues, please let us know one of the following waysFile a bugVisit our ChromeOS communitiesGeneral: Chromebook Help CommunityBeta Specific: ChromeOS Beta Help CommunityReport an issue ...
LTS-114 is being updated in the LTS channel to 11405735337 (Platform Version: 15437740) for most ChromeOS devices Want to know more about Long Term Support? Click hereThis update contains multiple Security fixes, including:1475798 High CVE-2023-5187 Use after free in Extensions1450784 Medium CVE-2023-4 ...