CVE-2023-4208

CWE-416Use After Free9 documents8 sources
Severity
7.8HIGH
EPSS
0.0%
top 89.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelLinux Linux KernelDebian Debian Linux
Timeline
PublishedSep 6
Latest updateOct 6

Description

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. When u32_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, l

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5linux/kernel3.186.5
NVDlinux/linux_kernel3.184.14.322+6
Debianlinux< 5.10.191-1+3

Also affects: Debian Linux 12.0

🔴Vulnerability Details

3
OSV
CVE-2023-4208: A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation2023-09-06
GHSA
GHSA-ph8p-rrmj-8gf2: A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation2023-09-06
CVEList
Use-after-free in Linux kernel's net/sched: cls_u32 component2023-09-06

📋Vendor Advisories

5
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2023-42082023-10-06
Microsoft
Use-after-free in Linux kernel's net/sched: cls_u32 component2023-09-12
Red Hat
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route2023-07-29
Red Hat
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route2023-07-29
Debian
CVE-2023-4208: linux - A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 componen...2023