1. Home
  2. Vulnerabilities
  3. CVE-2023-32233

CVE-2023-32233

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 3
Advisories 62
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2023-05-08 20:15:20
(16 months ago)
Updated Date
2023-09-28 19:07:11
(11 months ago)

Affected Products

Linux

Netapp

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel from 3.13 version and prior 4.14.315 version cpe:2.3:o:linux:linux_kernel >= 3.13 < 4.14.315
  Linux Kernel from 4.15 version and prior 4.19.283 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.283
  Linux Kernel from 4.20 version and prior 5.4.243 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.243
  Linux Kernel from 5.5 version and prior 5.10.180 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.180
  Linux Kernel from 5.11 version and prior 5.15.111 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.111
  Linux Kernel from 5.16 version and prior 6.1.28 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 6.1.28
  Linux Kernel from 6.2 version and prior 6.2.15 version cpe:2.3:o:linux:linux_kernel >= 6.2 < 6.2.15
  Linux Kernel from 6.3 version and prior 6.3.2 version cpe:2.3:o:linux:linux_kernel >= 6.3 < 6.3.2

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Linux 9.0 cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #3

    CPE23 From Up To
  Netapp Hci Baseboard Management Controller H300s cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s
  Netapp Hci Baseboard Management Controller H410c cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c
  Netapp Hci Baseboard Management Controller H410s cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s
  Netapp Hci Baseboard Management Controller H500s cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s
  Netapp Hci Baseboard Management Controller H700s cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s