Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()
CVE-2023-4004

7.8HIGH

Key Information:

Vendor

Red Hat
Status
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat Enterprise Linux 8.2 Update Services For SAP Solutions
Vendor
CVE Published:
31 July 2023

What is CVE-2023-4004?

A use-after-free vulnerability has been identified within the netfilter component of the Linux kernel, specifically in the nft_pipapo_remove function. This flaw occurs when a user attempts to manipulate the function without a properly defined NFT_SET_EXT_KEY_END. Exploitation of this vulnerability could potentially lead to local system crashes or allow an authenticated user to gain elevated privileges, posing a risk to system integrity and security.

Affected Version(s)

Red Hat Enterprise Linux 8 0:4.18.0-477.27.1.rt7.290.el8_8

Red Hat Enterprise Linux 8 0:4.18.0-477.27.1.el8_8

Red Hat Enterprise Linux 8.2 Advanced Update Support 0:4.18.0-193.119.1.el8_2

References

https://access.redhat.com/errata/RHSA-2023:4961
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:4962
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:4967
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.