CVE-2024-0193

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0193
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

6.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:1018
https://access.redhat.com/errata/RHSA-2024:1019
https://access.redhat.com/errata/RHSA-2024:1248
https://access.redhat.com/security/cve/CVE-2024-0193 Mitigation Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2255653 Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
History

12 Mar 2024, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1248 -

28 Feb 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1018 -
  • () https://access.redhat.com/errata/RHSA-2024:1019 -

09 Jan 2024, 18:09

Type Values Removed Values Added
Summary (es) Se encontró un fallo de use after free en el subsistema netfilter del kernel de Linux. Si el elemento general se recolecta como basura cuando se retira el conjunto de pipapo, el elemento se puede desactivar dos veces. Esto puede causar un problema de uso después de la liberación en un objeto NFT_CHAIN o NFT_OBJECT, lo que permite a un usuario local sin privilegios escalar sus privilegios en el sistema. (es) Se encontró un fallo de use after free en el subsistema netfilter del kernel de Linux. Si el elemento general se recolecta como basura cuando se retira el conjunto de pipapo, el elemento se puede desactivar dos veces. Esto puede causar un problema de use-after-free en un objeto NFT_CHAIN o NFT_OBJECT, lo que permite a un usuario local sin privilegios escalar sus privilegios en el sistema.
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
First Time Redhat enterprise Linux
Linux linux Kernel
Linux
Redhat
References () https://access.redhat.com/security/cve/CVE-2024-0193 - () https://access.redhat.com/security/cve/CVE-2024-0193 - Mitigation, Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2255653 - () https://bugzilla.redhat.com/show_bug.cgi?id=2255653 - Issue Tracking, Patch, Third Party Advisory
CVSS v2 : unknown
v3 : 7.8 		v2 : unknown
v3 : 6.7

03 Jan 2024, 17:15

Type Values Removed Values Added
Summary
  • (es) Se encontró un fallo de use after free en el subsistema netfilter del kernel de Linux. Si el elemento general se recolecta como basura cuando se retira el conjunto de pipapo, el elemento se puede desactivar dos veces. Esto puede causar un problema de uso después de la liberación en un objeto NFT_CHAIN o NFT_OBJECT, lo que permite a un usuario local sin privilegios escalar sus privilegios en el sistema.
Summary (en) A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user to escalate their privileges on the system. (en) A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

02 Jan 2024, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-02 18:15

Updated : 2024-03-12 04:15

NVD link : CVE-2024-0193

Mitre link : CVE-2024-0193

CVE.ORG link : CVE-2024-0193

JSON object : View

Products Affected

linux

  • linux_kernel

redhat

  • enterprise_linux
CWE
CWE-416

Use After Free