CVE-2023-3390

CVSS v3.1 7.8 (High)

EPSS 0.04 % (5^th)

Affected Products 6

Advisories 46

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c.

Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.

We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.

Weaknesses

CWE-416: Use After Free

Related CVEs

CVE-2023-3117

CVE Status: PUBLISHED
CNA: Google Inc.
Published Date: 2023-06-28 21:15:10
(14 months ago)
Updated Date: 2024-03-27 14:11:37
(5 months ago)

Affected Products

Linux

Linux Kernel

Netapp

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.16 version and prior 4.14.322 version	cpe:2.3:o:linux:linux_kernel	>= 3.16	< 4.14.322
Linux Kernel from 4.15 version and prior 4.19.291 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.291
Linux Kernel from 4.20 version and prior 5.4.251 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.4.251
Linux Kernel from 5.5 version and prior 5.10.188 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.188
Linux Kernel from 5.11 version and prior 5.15.118 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.118
Linux Kernel from 5.16 version and prior 6.1.35 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.35
Linux Kernel from 6.2 version and prior 6.3.9 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.3.9

Configuration #2

		CPE23	From	Up To
	Netapp H300s	cpe:2.3:h:netapp:h300s:-
	Netapp H410c	cpe:2.3:h:netapp:h410c:-
	Netapp H410s	cpe:2.3:h:netapp:h410s:-
	Netapp H500s	cpe:2.3:h:netapp:h500s:-
	Netapp H700s	cpe:2.3:h:netapp:h700s:-