CVE-2023-3777

Updated: 2025-02-13 21:31:57.242227

Description:

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.8 HIGH Released CLSA-2024:1712263970 2024-04-07 09:54:55
AlmaLinux 9.2 FIPS kernel 5.14.0 7.8 HIGH Released CLSA-2024:1712570434 2024-04-08 10:41:11
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-09-29 05:08:34
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2023-09-29 05:07:38
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2023-09-26 09:30:01
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2023-09-26 09:30:01
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-09-25 14:25:52
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-09-29 05:08:34
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Not Vulnerable 2023-09-12 05:06:19
Ubuntu 16.04 ELS linux 4.4.0 7.8 HIGH Not Vulnerable 2023-09-12 05:06:17
Total: 11