Use-After-Free Vulnerability in Linux Kernel's Netfilter nf_tables
CVE-2023-32233
Key Information:
- Vendor
Linux
- Status
- Vendor
- CVE Published:
- 8 May 2023
Badges
What is CVE-2023-32233?
A critical vulnerability exists in the Linux Kernel, specifically within the Netfilter nf_tables module. This vulnerability arises from a use-after-free condition when processing batch requests. If exploited, it enables unprivileged local users to manipulate kernel memory, potentially allowing them to perform arbitrary read and write operations. This exploit occurs due to improper handling of anonymous sets, ultimately leading to a serious security risk, including unauthorized root access.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Penetration TestingCVE-2023-32233PoC Released for Linux Kernel Privilege Escalation (CVE-2023-32233) Vulnerability
A Proof-of-Concept (PoC) for CVE-2023-32233 allows unprivileged local users to start a root shell on impacted systems.
References
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 📰
First article discovered by Penetration Testing
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved