A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2024:1018 | |
https://access.redhat.com/errata/RHSA-2024:1019 | |
https://access.redhat.com/errata/RHSA-2024:1248 | |
https://access.redhat.com/security/cve/CVE-2024-0193 | Mitigation Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2255653 | Issue Tracking Patch Third Party Advisory |
Configurations
History
12 Mar 2024, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Feb 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Jan 2024, 18:09
Type | Values Removed | Values Added |
---|---|---|
Summary | (es) Se encontró un fallo de use after free en el subsistema netfilter del kernel de Linux. Si el elemento general se recolecta como basura cuando se retira el conjunto de pipapo, el elemento se puede desactivar dos veces. Esto puede causar un problema de use-after-free en un objeto NFT_CHAIN o NFT_OBJECT, lo que permite a un usuario local sin privilegios escalar sus privilegios en el sistema. | |
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
|
First Time |
Redhat enterprise Linux
Linux linux Kernel Linux Redhat |
|
References | () https://access.redhat.com/security/cve/CVE-2024-0193 - Mitigation, Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2255653 - Issue Tracking, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
03 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
Summary | (en) A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. |
02 Jan 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-02 18:15
Updated : 2024-03-12 04:15
NVD link : CVE-2024-0193
Mitre link : CVE-2024-0193
CVE.ORG link : CVE-2024-0193
JSON object : View
Products Affected
linux
- linux_kernel
redhat
- enterprise_linux
CWE
CWE-416
Use After Free