A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
When an error occurs while building an nftables rule, deactivating immediate expressions in nft_immediate_deactivate() can lead to the chain being unbound and objects being deactivated but later used.
We recommend upgrading past commit 0a771f7b266b02d262900c75f1e175c7fe76fec2.
MITRE
Status: PUBLISHED
Assigner: Google
Published: 2023-09-06T13:52:44.724Z
Updated: 2024-08-02T07:17:11.558Z
Reserved: 2023-07-31T10:37:30.332Z
Link: CVE-2023-4015
NVD
Status: Analyzed
Published: 2023-09-06T14:15:11.093
Modified: 2023-12-12T14:31:41.517
Link: CVE-2023-4015