cbcvebase.
CVE-2023-3777
published 2023-09-06

CVE-2023-3777: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.

Affected

26 ranges· showing 25
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debiandebian_linux
debianlinux< linux 6.1.52-1 (bookworm)linux 6.1.52-1 (bookworm)
googlechrome_chrome
linuxkernel>= 5.9 < 6.56.5
linuxlinux_kernel>= 0 < 5.10.191-15.10.191-1
linuxlinux_kernel>= 0 < 6.1.52-16.1.52-1
linuxlinux_kernel>= 0 < 6.4.11-16.4.11-1
linuxlinux_kernel>= 0 < 6.4.11-16.4.11-1
linuxlinux_kernel>= 0 < 5.15.0-82.915.15.0-82.91
linuxlinux_kernel>= 0 < 4.4.0-246.2804.4.0-246.280
linuxlinux_kernel>= 0 < 4.4.0-245.2794.4.0-245.279
linuxlinux_kernel>= 0 < 4.15.0-219.2304.15.0-219.230
linuxlinux_kernel>= 0 < 4.15.0-218.2294.15.0-218.229
linuxlinux_kernel>= 0 < 5.4.0-165.1825.4.0-165.182
linuxlinux_kernel>= 0 < 5.4.0-205.2255.4.0-205.225
linuxlinux_kernel>= 0 < 5.15.0-87.975.15.0-87.97
linuxlinux_kernel>= 0 < 5.15.0-84.935.15.0-84.93
linuxlinux_kernel>= 5.11 < 5.15.1235.15.123
linuxlinux_kernel>= 5.16 < 6.1.426.1.42
linuxlinux_kernel>= 5.9 < 5.10.1885.10.188

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH