CVE-2023-6817

Summary

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.

We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

Affected Software

VendorProductVersion RangeStatus
LinuxKernel5.6 < 6.7affected

Weaknesses

  • CWE-416: CWE-416 Use After Free

ADP Enrichment

CVE Program Container

Additional References

Additional References

References