CVE-2024-0193 — Use After Free in Redhat Enterprise Linux

CWE-416 — Use After Free19 documents8 sources

Severity

6.7MEDIUMNVD

CNA7.8

EPSS

0.1%

top 74.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Redhat Enterprise Linux

Timeline

PublishedJan 2

Latest updateApr 30

Description

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

▶Debianlinux/linux_kernel< 5.10.205-1+3

Also affects: Enterprise Linux 9.0

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

CVEList

Kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation↗2024-01-02

▶

OSV

CVE-2024-0193: A use-after-free flaw was found in the netfilter subsystem of the Linux kernel↗2024-01-02

▶

GHSA

GHSA-52x7-wcqq-wfjp: A use-after-free flaw was found in the netfilter subsystem of the Linux kernel↗2024-01-02

▶

📋Vendor Advisories

Ubuntu

Kernel Live Patch Security Notice↗2024-04-30

▶

Ubuntu

Kernel Live Patch Security Notice↗2024-03-12

▶

Ubuntu

Linux kernel (Intel IoTG) vulnerabilities↗2024-02-15

▶

Ubuntu

Linux kernel (NVIDIA) vulnerabilities↗2024-02-14

▶

Ubuntu

Linux kernel (GCP) vulnerabilities↗2024-02-14

▶

💬Community

Bugzilla

CVE-2024-0193 kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation↗2023-12-22

▶