A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
This flaw can be mitigated by preventing the affected netfilter kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.
References
History
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Fri, 22 Nov 2024 12:00:00 +0000
Fri, 13 Sep 2024 19:45:00 +0000

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-26T02:52:18.600Z
Reserved: 2023-07-30T11:58:17.241Z
Link: CVE-2023-4004

No data.

Status : Modified
Published: 2023-07-31T17:15:10.203
Modified: 2024-11-21T08:34:12.390
Link: CVE-2023-4004


No data.