oss-sec mailing list archives

Re: CVE-2023-6817: Linux kernel: use-after-free in nf_tables

From: Dominique Martinet <asmadeus () codewreck org>
Date: Sat, 23 Dec 2023 06:44:25 +0900

Xingyuan Mo wrote on Fri, Dec 22, 2023 at 10:16:24AM +0800:

I found a use-after-free vulnerability in the implementation of pipapo set
in Linux kernel nf_tables, which can lead to DoS or local privilege
escalation, with CAP_NET_ADMIN capability required. The bug is fixed in
v6.7-rc5 kernel and the patch is:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a


For anyone who'd do the same thing:
 - that commit marks Fixes 3c4287f62044 which was introduced in 5.6
 - it's already been backported to stable tree (5.10.204, 5.15.143,
 6.1.68 and 6.6.7)


Thanks,
-- 
Dominique

Current thread:

CVE-2023-6817: Linux kernel: use-after-free in nf_tables Xingyuan Mo (Dec 22)
- Re: CVE-2023-6817: Linux kernel: use-after-free in nf_tables Dominique Martinet (Dec 22)