icon

We found results for “

CVE-2023-6817

Good to know:

icon

Date: December 18, 2023

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

icon

Upgrade Version

Upgrade to version v5.10.204,v5.15.143,v6.1.68,v6.6.7

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us