CVE-2023-1829Use After Free in Kernel

CWE-416Use After FreeCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer38 documents11 sources
Severity
7.8HIGHNVD
OSV7.0OSV5.5OSV4.7
EPSS
0.2%
top 54.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Linux KernelDebian LinuxPaloalto Pan-os+6 more
Timeline
PublishedApr 12
Latest updateAug 19

Description

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages12 packages

NVDlinux/linux_kernel4.154.19.276+6
Debianlinux/linux_kernel< 5.10.178-1+3
Ubuntulinux/linux_kernel< 5.15.0-71.78+1
CVEListV5linux/linux_kernel3.86.2
debiandebian/linux< linux 6.1.20-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: kernel.dancePatch: git.kernel.org

🔴Vulnerability Details

16
OSV
linux-iot vulnerabilities2023-07-27
OSV
linux-xilinx-zynqmp vulnerabilities2023-07-12
GHSA
GHSA-4x82-r4q4-7g8x: A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation2023-07-06
OSV
linux-intel-iotg vulnerabilities2023-06-01
OSV
linux-intel-iotg-5.15 vulnerabilities2023-06-01

📋Vendor Advisories

18
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS2024-02-14
Ubuntu
Linux kernel (IoT) vulnerabilities2023-07-27
Ubuntu
Linux kernel (Xilinx ZynqMP) vulnerabilities2023-07-12
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2023-06-01
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2023-06-01

📄Research Papers

2
arXiv
Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects2024-08-19
CTF
RIPTC / readme

💬Community

1
Bugzilla
CVE-2023-1829 kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter2023-04-20
CVE-2023-1829 — Use After Free in Linux Kernel | cvebase