CVE-2023-3609

CVSS v3.1 7.8 (High)

EPSS 0.04 % (5^th)

Affected Products 2

Advisories 64

A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation.

If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability.

We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: Google Inc.
Published Date: 2023-07-21 21:15:11
(14 months ago)
Updated Date: 2024-01-11 19:15:10
(8 months ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 4.14 version and prior 6.4 version	cpe:2.3:o:linux:linux_kernel	>= 4.14	< 6.4
Linux Kernel 6.4 Rc1	cpe:2.3:o:linux:linux_kernel:6.4:rc1
Linux Kernel 6.4 Rc2	cpe:2.3:o:linux:linux_kernel:6.4:rc2
Linux Kernel 6.4 Rc3	cpe:2.3:o:linux:linux_kernel:6.4:rc3
Linux Kernel 6.4 Rc4	cpe:2.3:o:linux:linux_kernel:6.4:rc4
Linux Kernel 6.4 Rc5	cpe:2.3:o:linux:linux_kernel:6.4:rc5
Linux Kernel 6.4 Rc6	cpe:2.3:o:linux:linux_kernel:6.4:rc6

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0