CVE-2023-4207

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 6, 2023
Updated: Feb 5, 2024
CWE ID 416

Summary

CVE-2023-4207 is a use-after-free vulnerability affecting the Linux kernel's net/sched: cls_fw component. This issue arises from the way fw_change() function handles filter updates, causing the whole tcf_result struct to be copied into a new filter instance. If an update is performed on a filter bound to a class, tcf_unbind_filter() is called on the old instance, leading to a decrease in filter_cnt and potential deletion of the class. Consequently, the old instance is used after it has been freed, enabling local privilege escalation. It is recommended to upgrade past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share