Use-After-Free Vulnerability in Linux Kernel's Netfilter nf_tables
CVE-2023-32233

7.8HIGH

Key Information:

Vendor
Linux
Status
Linux Kernel
Vendor
CVE Published:
8 May 2023

Badges

👾 Exploit Exists🟡 Public PoC📰 News Worthy

Summary

A critical vulnerability exists in the Linux Kernel, specifically within the Netfilter nf_tables module. This vulnerability arises from a use-after-free condition when processing batch requests. If exploited, it enables unprivileged local users to manipulate kernel memory, potentially allowing them to perform arbitrary read and write operations. This exploit occurs due to improper handling of anonymous sets, ultimately leading to a serious security risk, including unauthorized root access.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-32233
Created by Liuk3r

POC-CVE-2023-32233
Created by oferchen

CVE-2023-32233
Created by PIDAN-HEIDASHUAI

News Articles

favicon imagePenetration Testing

PoC Released for Linux Kernel Privilege Escalation (CVE-2023-32233) Vulnerability

A Proof-of-Concept (PoC) for CVE-2023-32233 allows unprivileged local users to start a root shell on impacted systems.

References

https://www.openwall.com/lists/oss-security/2023/05/08/4
https://github.com/torvalds/linux/commit/c1592a89942e9678...
https://git.kernel.org/cgit/linux/kernel/git/torvalds/lin...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 📰

    First article discovered by Penetration Testing

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.