CVE-2023-0461Use After Free in Kernel

CWE-416Use After Free63 documents9 sources
Severity
7.8HIGHNVD
OSV8.8OSV6.7OSV6.4OSV5.5OSV2.5
EPSS
0.1%
top 67.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Linux KernelDebian LinuxPaloalto Pan-os+6 more
Timeline
PublishedFeb 28
Latest updateFeb 14

Description

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared i

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages12 packages

CVEListV5linux/linux_kernel< 2c02d41d71f90a5168391b6a5f2954112ba2307c
NVDlinux/linux_kernel4.13.04.14.303+7
Debianlinux/linux_kernel< 5.10.178-1+3
Ubuntulinux/linux_kernel< 4.15.0-206.217+5

Patches

Patch: git.kernel.orgPatch: kernel.dancePatch: git.kernel.org

🔴Vulnerability Details

27
OSV
linux-gcp vulnerabilities2023-04-11
OSV
linux-bluefield vulnerabilities2023-04-05
OSV
linux-oem-5.14, linux-oem-5.17 vulnerabilities2023-03-27
OSV
linux-azure vulnerabilities2023-03-27
OSV
Kernel Live Patch Security Notice2023-03-27

📋Vendor Advisories

31
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS2024-02-14
Ubuntu
Linux kernel (GCP) vulnerabilities2023-04-11
Ubuntu
Linux kernel (BlueField) vulnerabilities2023-04-05
Ubuntu
Kernel Live Patch Security Notice2023-03-27
Ubuntu
Linux kernel (OEM) vulnerabilities2023-03-27

💬Community

3
Bugzilla
CVE-2023-6679 kernel: NULL pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c2023-12-11
Bugzilla
CVE-2023-4015 kernel: use after free in nft_immediate_deactivate2023-09-06
Bugzilla
CVE-2023-2166 kernel: NULL pointer dereference in can_rcv_filter2023-04-18