← Zuruck zu CVEs
CVE-2023-4004
HIGH7.8
Beschreibung
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
CVE Details
CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht7/31/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
debian:debian_linuxfedoraproject:fedoralinux:linux_kernelnetapp:h300snetapp:h410snetapp:h500snetapp:h700sredhat:enterprise_linux
Schwachen (CWE)
CWE-416CWE-416
Referenzen
https://access.redhat.com/errata/RHSA-2023:4961(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:4962(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:4967(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5069(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5091(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5093(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5221(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5244(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5255(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5548(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:5627(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7382(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7389(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7411(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7417(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7431(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2023:7434(secalert@redhat.com)
https://access.redhat.com/security/cve/CVE-2023-4004(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=2225275(secalert@redhat.com)
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/(secalert@redhat.com)
http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:4961(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:4962(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:4967(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5069(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5091(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5093(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5221(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5244(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5255(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5548(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:5627(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7382(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7389(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7411(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7417(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7431(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7434(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-4004(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2225275(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html(af854a3a-2127-422b-91ae-364da2661108)
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20231027-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5480(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5492(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.