Updated: 2025-08-20 00:13:35.188147
Description:
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Not Vulnerable | 2024-04-18 10:09:45 | ||
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2023:1686585068 | 2023-06-13 09:06:07 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2023:1686651204 | 2023-06-13 09:06:07 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Released | CLSA-2023:1682416329 | 2023-04-25 08:49:00 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Not Vulnerable | 2023-04-21 03:19:03 | ||
| Ubuntu 18.04 ELS | linux | 4.15.0 | 7.8 | HIGH | Released | 2023-08-31 03:19:33 |