Уязвимость CVE-2023-6817: Информация

Описание

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

Важность: HIGH (7,8) Вектор: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Исправленные пакеты

Ссылки на рекомендации, решения и инструменты

1. Подверженные конфигурации:

   1. Конфигурация 1

      cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*

      ---

      cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*

      ---

      cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*

      ---

      cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*

      ---

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      5.16

      End excliding

      6.1.68

      ---

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      5.11

      End excliding

      5.15.143

      ---

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      5.6

      End excliding

      5.10.204

      ---

      cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

      Start including

      6.2

      End excliding

      6.6.7

      ---