CVE-2023-4208
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-4208 is a use-after-free vulnerability affecting the net/sched: cls_u32 component in the Linux kernel. This issue can be exploited locally to achieve privilege escalation. When the u32_change() function is called to modify an existing filter, it creates a new instance of the filter by copying the entire tcf_result struct from the old one. However, when updating a filter bound to a class, tcf_unbind_filter() is called on the old instance in the success path, decreasing its filter_cnt and potentially allowing the referenced class to be deleted before the new filter is fully initialized. This leads to a use-after-free vulnerability. It is recommended to upgrade to commit 3044b16e7c6fe5d24b1cdbcf1bd0a9d92d1ebd81 to mitigate this issue.
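The counting error described in the summary can be followed in a small userspace model. This C program is an added illustration, not kernel source or the upstream patch; the struct layouts, the helper names and the rebinding variant shown for contrast are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified userspace model (assumption): names echo the summary, not kernel code. */
struct sched_class { int filter_cnt; };          /* class a filter can be bound to */
struct tcf_result  { struct sched_class *cl; };  /* filter -> class reference */
struct filter      { struct tcf_result res; };

static void bind_filter(struct filter *f, struct sched_class *c) {
    f->res.cl = c;
    c->filter_cnt++;
}

static void unbind_filter(struct filter *f) {
    if (f->res.cl) {
        f->res.cl->filter_cnt--;
        f->res.cl = NULL;
    }
}

/* A class may be deleted only while no filter is counted against it. */
static bool class_deletable(const struct sched_class *c) { return c->filter_cnt == 0; }

/* Flawed update: the new instance inherits the pointer by struct copy, no count taken. */
static void update_copying_result(struct filter *old, struct filter *nf) {
    nf->res = old->res;
    unbind_filter(old);   /* success path drops the only counted binding */
}

/* Contrast case (assumed, hypothetical): new instance takes its own binding first. */
static void update_rebinding(struct filter *old, struct filter *nf) {
    nf->res.cl = NULL;
    if (old->res.cl) bind_filter(nf, old->res.cl);
    unbind_filter(old);
}

/* True if, after the update, the class is deletable while the new filter still points at it. */
static bool dangling_after_update(bool copy_result) {
    struct sched_class cls = { 0 };
    struct filter old = { { NULL } }, nf = { { NULL } };
    bind_filter(&old, &cls);
    if (copy_result) update_copying_result(&old, &nf);
    else update_rebinding(&old, &nf);
    return nf.res.cl == &cls && class_deletable(&cls);
}

int main(void) {
    printf("copying result: dangling=%d\n", dangling_after_update(true));
    printf("rebinding:      dangling=%d\n", dangling_after_update(false));
    return 0;
}
```

In the copying case the count reaches zero while the new filter still holds the class pointer, which is the state the summary describes as leading to the use-after-free.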