CVE-2023-6817

CWE-416Use After Free26 documents10 sources
Severity
7.8HIGH
EPSS
0.0%
top 94.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelLinux Linux Kernel
Timeline
PublishedDec 18
Latest updateDec 9

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages28 packages

CVEListV5linux/kernel5.66.7
NVDlinux/linux_kernel5.65.10.204+4
Debianlinux< 5.10.205-2+3
Ubuntulinux< 4.4.0-251.285+3
Ubuntulinux-aws< 4.4.0-1166.181+3

Patches

Patch: git.kernel.orgPatch: kernel.dancePatch: git.kernel.org

🔴Vulnerability Details

6
OSV
btrfs: fix warning when putting transaction with qgroups enabled after abort2025-12-09
OSV
Kernel Live Patch Security Notice2024-03-12
OSV
linux-nvidia-6.2 vulnerabilities2024-02-14
OSV
CVE-2023-6817: A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation2023-12-18
CVEList
Use-after-free in Linux kernel's netfilter: nf_tables component2023-12-18

📋Vendor Advisories

17
Ubuntu
Kernel Live Patch Security Notice2024-04-30
Ubuntu
Kernel Live Patch Security Notice2024-03-12
Chrome
Long Term Support Channel Update for ChromeOS: CVE-2023-68172024-02-16
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2024-02-15
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2024-02-14