Security Advisory

CVE-2023-4244

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-06 13:53:24

Last updated 2025-02-13 17:09:20

Assigner Google

State PUBLISHED

Description

A use-after-free vulnerability in the Linux kernels netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

← Browse all CVEs View on cve.org ↗