CVE-2023-31248

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nft_chain_lookup_byid() failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

Published: Jul 5, 2023
Updated: Jul 12, 2023
CVE: CVE-2023-31248
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
fedoraproject / fedora	37	37.x
fedoraproject / fedora	38	38.x
debian / debian_linux	11.0	11.0.x
linux / linux_kernel	6.2	6.4.4
linux / linux_kernel	5.16	6.1.39
linux / linux_kernel	5.11	5.15.121
linux / linux_kernel	5.9	5.10.188
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	14.04	14.04.x
canonical / ubuntu_linux	20.04	20.04.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	22.04	22.04.x

http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
http://www.openwall.com/lists/oss-security/2023/07/05/2
https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/RGZC5XOANA75OJ4XARBBXYSLDKUIJI5E/
https://lists.fedoraproject.org/archives/list/[email protected]/message/UPHI46ROSSLVAV4R5LJWJYU747JGOS6D/
https://lore.kernel.org/netfilter-devel/[email protected]/T/
https://security.netapp.com/advisory/ntap-20240201-0001/
https://www.debian.org/security/2023/dsa-5453
https://www.openwall.com/lists/oss-security/2023/07/05/2

Vulnerability Database

289,599

CVE-2023-31248