7.8
CVE-2023-4207
- EPSS 0.03%
- Veröffentlicht 06.09.2023 14:15:11
- Zuletzt bearbeitet 13.02.2025 17:17:16
- Quelle cve-coordination@google.com
- Teams Watchlist Login
- Unerledigt Login
A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. When fw_change() is called on an existing filter, the whole tcf_result struct is always copied into the new instance of the filter. This causes a problem when updating a filter bound to a class, as tcf_unbind_filter() is always called on the old instance in the success path, decreasing filter_cnt of the still referenced class and allowing it to be deleted, leading to a use-after-free. We recommend upgrading past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.18 < 4.14.326
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.295
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.253
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.190
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.126
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.45
Linux ≫ Linux Kernel Version >= 6.2 < 6.4.10
Debian ≫ Debian Linux Version12.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.066 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cve-coordination@google.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.