跳转到帖子

Red Hat: CVE-2023-6817: kernel: inactive elements in nft_pipapo_walk (Multiple Advisories)

recommended_posts

发布于
  • Members

Red Hat: CVE-2023-6817: kernel: inactive elements in nft_pipapo_walk (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
12/18/2023
Created
02/09/2024
Added
02/08/2024
Modified
12/05/2024

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-rt

References

  • CVE-2023-6817
  • RHSA-2024:0724
  • RHSA-2024:0881
  • RHSA-2024:0897
  • RHSA-2024:1018
  • RHSA-2024:1019
  • RHSA-2024:1248
  • RHSA-2024:1404
  • RHSA-2024:3414
  • RHSA-2024:3421
View more
  • 查看数 711
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…