oss-sec mailing list archives
Re: CVE-2023-6817: Linux kernel: use-after-free in nf_tables
From: Dominique Martinet <asmadeus () codewreck org>
Date: Sat, 23 Dec 2023 06:44:25 +0900
Xingyuan Mo wrote on Fri, Dec 22, 2023 at 10:16:24AM +0800:
I found a use-after-free vulnerability in the implementation of pipapo set in Linux kernel nf_tables, which can lead to DoS or local privilege escalation, with CAP_NET_ADMIN capability required. The bug is fixed in v6.7-rc5 kernel and the patch is: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a
For anyone who'd do the same thing: - that commit marks Fixes 3c4287f62044 which was introduced in 5.6 - it's already been backported to stable tree (5.10.204, 5.15.143, 6.1.68 and 6.6.7) Thanks, -- Dominique
Current thread:
- CVE-2023-6817: Linux kernel: use-after-free in nf_tables Xingyuan Mo (Dec 22)
- Re: CVE-2023-6817: Linux kernel: use-after-free in nf_tables Dominique Martinet (Dec 22)