CVE-2023-4207
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-4207 is a use-after-free vulnerability affecting the Linux kernel's net/sched: cls_fw component. This issue arises from the way fw_change() function handles filter updates, causing the whole tcf_result struct to be copied into a new filter instance. If an update is performed on a filter bound to a class, tcf_unbind_filter() is called on the old instance, leading to a decrease in filter_cnt and potential deletion of the class. Consequently, the old instance is used after it has been freed, enabling local privilege escalation. It is recommended to upgrade past commit 76e42ae831991c828cffa8c37736ebfb831ad5ec to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.