A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Google

Published: 2023-09-06T13:56:57.295Z

Updated: 2024-08-02T07:31:06.625Z

Reserved: 2023-08-30T11:58:12.267Z

Link: CVE-2023-4623

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-09-06T14:15:12.357

Modified: 2024-11-21T08:35:33.607

Link: CVE-2023-4623

cve-icon Redhat

Severity : Important

Publid Date: 2023-09-06T00:00:00Z

Links: CVE-2023-4623 - Bugzilla