Last Modified: April 12, 2023
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
Tweets last week: 0
Remaining steady
Yahoo results: 457000
Remaining steady
Current EPSS Score: 0.00042
Remaining steady
Reddit Posts: 1
Remaining steady
Github Repos: 0
Remaining steady
Found exploits:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Base Score: 7.8
Exploitability Score:
1.8
Impact Score: 5.9
CVSS V3: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416
| Condition | Configuration | |
|---|---|---|
| OR | ||
| OR | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
| cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:* Part: o Vendor: linux | Alle Schwachstellen für linux | |
CWE-ID:
Not defined
Base Score V3:
Not defined
Exploitability Score V3:
Not defined
Impact Score V3:
Not defined
Cvss Vector V3:
Not defined
Configuration:
added:
cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*
Description:
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
Reference:
added:
http://www.openwall.com/lists/oss-security/2023/04/11/3
Reference:
added:
https://security.netapp.com/advisory/ntap-20230427-0004/
Reference:
added:
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Reference:
added:
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*"/>
</set>
</set>
<?xml version="1.0" ?>
<set operator="and">
<set operator="or">
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*"/>
<prop key="operating_system" value="cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*"/>
</set>
<prop key="program_influence" value="input"/>
</set>