CVE-2023-32233: In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

EXPLOIT

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

Affected

35 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	linux	< linux 6.1.27-1 (bookworm)	linux 6.1.27-1 (bookworm)
google	chrome_chrome	—	—
linux	linux_kernel	>= 0 < 5.10.179-1	5.10.179-1
linux	linux_kernel	>= 0 < 6.1.27-1	6.1.27-1
linux	linux_kernel	>= 0 < 6.1.27-1	6.1.27-1
linux	linux_kernel	>= 0 < 6.1.27-1	6.1.27-1
linux	linux_kernel	>= 0 < 4.15.0-212.223	4.15.0-212.223
linux	linux_kernel	>= 0 < 5.4.0-150.167	5.4.0-150.167
linux	linux_kernel	>= 0 < 5.15.0-73.80	5.15.0-73.80
linux	linux_kernel	>= 0 < 4.4.0-241.275	4.4.0-241.275
linux	linux_kernel	>= 0 < 5.4.0-150.167	5.4.0-150.167
linux	linux_kernel	>= 0 < 5.15.0-73.80	5.15.0-73.80
linux	linux_kernel	>= 3.13 < 4.14.315	4.14.315
linux	linux_kernel	>= 4.15 < 4.19.283	4.19.283
linux	linux_kernel	>= 4.20 < 5.4.243	5.4.243
linux	linux_kernel	>= 5.11 < 5.15.111	5.15.111
linux	linux_kernel	>= 5.16 < 6.1.28	6.1.28
linux	linux_kernel	>= 5.5 < 5.10.180	5.10.180
linux	linux_kernel	>= 6.2 < 6.2.15	6.2.15
linux	linux_kernel	>= 6.3 < 6.3.2	6.3.2
msrc	cbl2_kernel_5.15.112.1-1_on_cbl_mariner_2.0	—	—
msrc	cbl_mariner_1.0_arm	—	—
msrc	cbl_mariner_1.0_x64	—	—
msrc	cbl_mariner_2.0_arm	—	—
msrc	cbl_mariner_2.0_x64	—	—

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

osv7.8HIGH

vulncheck7.8HIGH