7.8
CVE-2024-0193
- EPSS 0.14%
- Published 02.01.2024 18:15:08
- Last modified 15.05.2026 17:45:36
- Source secalert@redhat.com
Kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.
Data provided by the National Vulnerability Database (NVD)
Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.2_s390x
Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.2_ppc64le
Redhat ≫ Codeready Linux Builder For X86 64 Eus Version9.2
Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.2_aarch64
Redhat ≫ Enterprise Linux For Arm64 Version9.2 HwPlatformaarch64
Redhat ≫ Enterprise Linux For Arm64 Els Version9.2 HwPlatformaarch64
Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.2_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Els Version9.2_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.2_s390x
Redhat ≫ Enterprise Linux For Power Little Endian Els Version9.2_ppc64le
Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.2_ppc64le
Redhat ≫ Enterprise Linux For X86 64 Els Version9.2
Redhat ≫ Enterprise Linux For X86 64 Eus Version9.2
Redhat ≫ Enterprise Linux Server Aus Version9.2
Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.2_ppc64le
Redhat ≫ Codeready Linux Builder For Arm64 Version9.0_aarch64
Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.4_aarch64
Redhat ≫ Codeready Linux Builder For Arm64 Eus Version9.6_aarch64
Redhat ≫ Codeready Linux Builder For Ibm Z Systems Version9.0_s390x
Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.4_s390x
Redhat ≫ Codeready Linux Builder For Ibm Z Systems Eus Version9.6_s390x
Redhat ≫ Codeready Linux Builder For Power Little Endian Version9.0_ppc64le
Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.4_ppc64le
Redhat ≫ Codeready Linux Builder For Power Little Endian Eus Version9.6_ppc64le
Redhat ≫ Codeready Linux Builder For X86 64 Eus Version9.4
Redhat ≫ Codeready Linux Builder For X86 64 Eus Version9.6
Redhat ≫ Enterprise Linux For Arm 64 Version9.0_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Version9.4_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Version9.6_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Els Version9.4_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Els Version9.6_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.4_aarch64
Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.6_aarch64
Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.0_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.4_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.6_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Els Version9.4_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Els Version9.6_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.4_s390x
Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.6_s390x
Redhat ≫ Enterprise Linux For Power Little Endian Els Version9.4_ppc64le
Redhat ≫ Enterprise Linux For Power Little Endian Els Version9.6_ppc64le
Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.0_ppc64le
Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.4_ppc64le
Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.6_ppc64le
Redhat ≫ Enterprise Linux For X86 64 Version9.0
Redhat ≫ Enterprise Linux For X86 64 Els Version9.4
Redhat ≫ Enterprise Linux For X86 64 Els Version9.6
Redhat ≫ Enterprise Linux For X86 64 Eus Version9.4
Redhat ≫ Enterprise Linux For X86 64 Eus Version9.6
Redhat ≫ Enterprise Linux Server Aus Version9.4
Redhat ≫ Enterprise Linux Server Aus Version9.6
Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.4_ppc64le
Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.6_ppc64le
Redhat ≫ Logging Subsystem For Red Hat Openshift Version5.0
Redhat ≫ Logging Subsystem For Red Hat Openshift For Arm 64 Version5.0
Redhat ≫ Enterprise Linux For Arm 64 Version9.0_aarch64
Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.0_s390x
Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.0_ppc64le
Linux ≫ Linux Kernel Version >= 5.10.198 < 5.10.206
Linux ≫ Linux Kernel Version >= 5.15.118 < 5.15.146
Linux ≫ Linux Kernel Version >= 6.1.35 < 6.1.71
Linux ≫ Linux Kernel Version >= 6.3.9 < 6.6.10
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.339 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| secalert@redhat.com | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.