1. Home
  2. Vulnerabilities
  3. CVE-2023-3777

CVE-2023-3777

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 3
Advisories 41
NVD Status Analyzed
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.

We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
Google Inc.
Published Date
2023-09-06 14:15:10
(12 months ago)
Updated Date
2024-08-26 16:08:25
(3 weeks ago)

Affected Products

Canonical

Debian

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 5.9 version and prior 5.10.188 version cpe:2.3:o:linux:linux_kernel >= 5.9 < 5.10.188
  Linux Kernel from 5.11 version and prior 5.15.123 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.123
  Linux Kernel from 5.16 version and prior 6.1.42 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 6.1.42
  Linux Kernel from 6.2 version and prior 6.4.7 version cpe:2.3:o:linux:linux_kernel >= 6.2 < 6.4.7

Configuration #2

    CPE23 From Up To
  Debian Linux 12.0 cpe:2.3:o:debian:debian_linux:12.0

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 20.04 cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts
  Canonical Ubuntu Linux 22.04 cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts