CVE-2023-6111
published 2023-11-14CVE-2023-6111: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times.
We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 6.1.64-1 (bookworm) | linux 6.1.64-1 (bookworm) |
| linux | kernel | >= 6.6 < 6.7 | 6.7 |
| linux | linux_kernel | >= 0 < 6.1.64-1 | 6.1.64-1 |
| linux | linux_kernel | >= 0 < 6.5.13-1 | 6.5.13-1 |
| linux | linux_kernel | >= 0 < 6.5.13-1 | 6.5.13-1 |
| linux | linux_kernel | >= 5.15.134 < 5.15.140 | 5.15.140 |
| linux | linux_kernel | >= 6.1.56 < 6.1.64 | 6.1.64 |
| linux | linux_kernel | >= 6.5.6 < 6.5.13 | 6.5.13 |
| linux | linux_kernel | >= 6.6 < 6.6.3 | 6.6.3 |
| msrc | azl3_kernel_6.6.29.1-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_kernel_6.6.47.1-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_hyperv-daemons_5.15.143.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH