A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.
If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.
We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Google
Published: 2023-09-06T13:56:57.295Z
Updated: 2024-08-02T07:31:06.625Z
Reserved: 2023-08-30T11:58:12.267Z
Link: CVE-2023-4623
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-06T14:15:12.357
Modified: 2024-08-26T16:07:04.307
Link: CVE-2023-4623
Redhat