CVE-2023-42756

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Sep 28, 2023

Updated: Apr 30, 2024

CWE ID 362

Summary

CVE-2023-42756 is a newly discovered vulnerability affecting the Netfilter subsystem of the Linux kernel. A race condition exists between IPSET_CMD_ADD and IPSET_CMD_SWAP commands, allowing a local user to cause a kernel panic. This occurs due to an incorrect invocation of `__ip_set_put` function on an unintended IP set. The exploitation of this flaw could lead to a system crash, posing a potential security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/srIlYu
https://www.cve.org/CVERecord?id=CVE-2023-42756
https://nvd.nist.gov/vuln/detail/CVE-2023-42756

Back to Vulnerability Database

CVE-2023-42756

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations