CVE-2023-32233

CVSS V2 None CVSS V3 None

Description

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

Overview

CVE ID
CVE-2023-32233

Assigner
cve@mitre.org

Vulnerability Status
Received

Published Version
2023-05-08T20:15:20

Last Modified Date
2023-05-08T20:15:20

References

Reference URL	Reference Tags
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab
https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab
https://www.openwall.com/lists/oss-security/2023/05/08/4

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-32233
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32233

History

Created	Old Value	New Value	Data Type	Notes
2023-05-08 21:05:58				Added to TrackCVE