CVE-2023-6040

Summary

An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within nf_tables_newtable function enables an attacker to achieve out-of-bounds access.

Affected Software

VendorProductVersion RangeStatus
The Linux Kernel Organizationlinux0 < 5.18-rc1affected

Weaknesses

  • CWE-125: CWE-125

Workarounds

Disabling unprivileged user namespaces mitigates the issue.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References