Описание
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free.
We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
6.6 Medium
CVSS3
Дефекты
Связанные уязвимости
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
Уязвимость функций nft_flush_table(), nf_tables_delchain(), nf_tables_newrule(), nf_tables_delrule(), __nft_release_table() ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации или повысить свои привилегии
EPSS
7.8 High
CVSS3
6.6 Medium
CVSS3