CVE-2023-4244

Use-after-free in Linux kernel's netfilter: nf_tables component

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

References

Link	Tags
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e91b0ebd994635df2346353322ac51ce84ce6d8	patch mailing list vendor advisory issue tracking
https://kernel.dance/3e91b0ebd994635df2346353322ac51ce84ce6d8	patch vendor advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html	third party advisory mailing list
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Frequently Asked Questions

What is the severity of CVE-2023-4244?: CVE-2023-4244 has been scored as a high severity vulnerability.
How to fix CVE-2023-4244?: To fix CVE-2023-4244, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-4244 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-4244 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-4244?: CVE-2023-4244 affects Linux Kernel.

Description

Category

CWE-416 – Use After Free

References

Frequently Asked Questions