Updated: 2023-08-01 20:51:54.987033
Description:
A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0 |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | 2023-07-08 00:06:27 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2023:1695715460 | 2023-09-26 05:09:32 |
| CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Released | CLSA-2023:1695716575 | 2023-09-26 05:09:32 |
| CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Not Vulnerable | 2023-09-25 14:27:04 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Needs Triage | 2023-07-08 00:06:28 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 7.8 | HIGH | Ignored | 2023-07-19 17:05:11 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 7.8 | HIGH | Ignored | 2023-07-26 17:05:47 | |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 7.8 | HIGH | Released | 2023-08-31 03:18:07 |