csaf_suse - suse-su-2023:4260-1

suse-su-2023:4260-1

Vulnerability from csaf_suse

Published

2023-10-30 10:03

Modified

2023-10-30 10:03

Summary

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)

Notes

Title of the patch

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)

Description of the patch

This update for the Linux Kernel 5.3.18-150300_59_130 fixes several issues. The following security issues were fixed: - CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215440). - CVE-2023-4147: Fixed use-after-free in nf_tables_newrule (bsc#1215118). - CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1214812).

Patchnames

SUSE-2023-4260,SUSE-SLE-Module-Live-Patching-15-SP3-2023-4260

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 5.3.18-150300_59_130 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215440).\n- CVE-2023-4147: Fixed use-after-free in nf_tables_newrule (bsc#1215118).\n- CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1214812).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-4260,SUSE-SLE-Module-Live-Patching-15-SP3-2023-4260",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4260-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:4260-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234260-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:4260-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016912.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1214812",
        "url": "https://bugzilla.suse.com/1214812"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215118",
        "url": "https://bugzilla.suse.com/1215118"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1215440",
        "url": "https://bugzilla.suse.com/1215440"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4004 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4147 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4147/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-4623 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-4623/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)",
    "tracking": {
      "current_release_date": "2023-10-30T10:03:33Z",
      "generator": {
        "date": "2023-10-30T10:03:33Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:4260-1",
      "initial_release_date": "2023-10-30T10:03:33Z",
      "revision_history": [
        {
          "date": "2023-10-30T10:03:33Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_3_18-150300_59_130-preempt-3-150300.2.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_3_18-150300_59_130-preempt-3-150300.2.2.x86_64",
                  "product_id": "kernel-livepatch-5_3_18-150300_59_130-preempt-3-150300.2.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
        },
        "product_reference": "kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-4004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4004",
          "url": "https://www.suse.com/security/cve/CVE-2023-4004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213812 for CVE-2023-4004",
          "url": "https://bugzilla.suse.com/1213812"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214812 for CVE-2023-4004",
          "url": "https://bugzilla.suse.com/1214812"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-10-30T10:03:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4004"
    },
    {
      "cve": "CVE-2023-4147",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4147"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4147",
          "url": "https://www.suse.com/security/cve/CVE-2023-4147"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213968 for CVE-2023-4147",
          "url": "https://bugzilla.suse.com/1213968"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215118 for CVE-2023-4147",
          "url": "https://bugzilla.suse.com/1215118"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-10-30T10:03:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4147"
    },
    {
      "cve": "CVE-2023-4623",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-4623"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-4623",
          "url": "https://www.suse.com/security/cve/CVE-2023-4623"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215115 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1215115"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215440 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1215440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217444 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1217444"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217531 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1217531"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219698 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1219698"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221578 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1221578"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221598 for CVE-2023-4623",
          "url": "https://bugzilla.suse.com/1221598"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_130-default-3-150300.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-10-30T10:03:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-4623"
    }
  ]
}

CVE-2023-4623 (GCVE-0-2023-4623)

Vulnerability from cvelistv5

Published

2023-09-06 13:56

Modified

2025-02-27 21:00

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.

References

►

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f	patch
	https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f
	https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
	http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
	https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Impacted products

	Vendor	Product	Version
	Linux	Kernel	Version: 2.6.12 < 6.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.625Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4623",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T21:52:35.435762Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T21:00:32.991Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Kernel",
          "repo": "https://git.kernel.org",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.6",
              "status": "affected",
              "version": "2.6.12",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Budimir Markovic"
        }
      ],
      "datePublic": "2023-08-26T01:57:54.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-11T19:06:55.765Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
        },
        {
          "url": "https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Use-after-free in Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-4623",
    "datePublished": "2023-09-06T13:56:57.295Z",
    "dateReserved": "2023-08-30T11:58:12.267Z",
    "dateUpdated": "2025-02-27T21:00:32.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4147 (GCVE-0-2023-4147)

Vulnerability from cvelistv5

Published

2023-08-07 13:19

Modified

2025-01-03 04:55

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:5069	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5091	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5093	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7382	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7389	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7411	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-4147	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2225239	issue-tracking, x_refsource_REDHAT
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211
	https://www.spinics.net/lists/stable/msg671573.html

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 9

Unaffected: 0:5.14.0-284.30.1.el9_2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::crb

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-284.30.1.rt14.315.el9_2 < * cpe:/a:redhat:enterprise_linux:9::nfv cpe:/a:redhat:enterprise_linux:9::realtime
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-284.30.1.el9_2 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.80.1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb cpe:/o:redhat:rhel_eus:9.0::baseos
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.80.1.rt21.151.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::nfv cpe:/a:redhat:rhel_eus:9.0::realtime
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	cpe:/o:redhat:rhel_eus:9.0::baseos
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:17:12.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:5069",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5069"
          },
          {
            "name": "RHSA-2023:5091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5091"
          },
          {
            "name": "RHSA-2023:5093",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5093"
          },
          {
            "name": "RHSA-2023:7382",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7382"
          },
          {
            "name": "RHSA-2023:7389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7389"
          },
          {
            "name": "RHSA-2023:7411",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7411"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-4147"
          },
          {
            "name": "RHBZ#2225239",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225239"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231020-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5480"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5492"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/stable/msg671573.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-4147",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-02T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-03T04:55:29.381Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.rt14.315.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb",
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::nfv",
            "cpe:/a:redhat:rhel_eus:9.0::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.rt21.151.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-07-23T10:30:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in the Linux kernel\u2019s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-23T00:02:59.456Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:5069",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5069"
        },
        {
          "name": "RHSA-2023:5091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5091"
        },
        {
          "name": "RHSA-2023:5093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5093"
        },
        {
          "name": "RHSA-2023:7382",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7382"
        },
        {
          "name": "RHSA-2023:7389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7389"
        },
        {
          "name": "RHSA-2023:7411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7411"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-4147"
        },
        {
          "name": "RHBZ#2225239",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225239"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211"
        },
        {
          "url": "https://www.spinics.net/lists/stable/msg671573.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-24T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-07-23T10:30:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free",
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-4147",
    "datePublished": "2023-08-07T13:19:43.593Z",
    "dateReserved": "2023-08-03T20:23:06.353Z",
    "dateUpdated": "2025-01-03T04:55:29.381Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-4004 (GCVE-0-2023-4004)

Vulnerability from cvelistv5

Published

2023-07-31 16:22

Modified

2025-08-01 16:06

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416 - Use After Free

Summary

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:4961	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:4962	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:4967	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5069	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5091	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5093	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5221	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5244	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5255	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5548	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:5627	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7382	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7389	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7411	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7417	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7431	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7434	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-4004	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2225275	issue-tracking, x_refsource_REDHAT
	https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 8

Unaffected: 0:4.18.0-477.27.1.rt7.290.el8_8   < *
    cpe:/a:redhat:enterprise_linux:8::nfv
    cpe:/a:redhat:enterprise_linux:8::realtime

Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8::baseos
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-477.27.1.el8_8 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/o:redhat:enterprise_linux:8::baseos
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:4.18.0-193.119.1.el8_2 < * cpe:/o:redhat:rhel_e4s:8.2::baseos cpe:/o:redhat:rhel_aus:8.2::baseos cpe:/o:redhat:rhel_tus:8.2::baseos
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 0:4.18.0-193.119.1.rt13.170.el8_2 < * cpe:/a:redhat:rhel_tus:8.2::realtime cpe:/a:redhat:rhel_tus:8.2::nfv
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 0:4.18.0-193.119.1.el8_2 < * cpe:/o:redhat:rhel_e4s:8.2::baseos cpe:/o:redhat:rhel_aus:8.2::baseos cpe:/o:redhat:rhel_tus:8.2::baseos
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	cpe:/o:redhat:rhel_e4s:8.2::baseos
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 0:4.18.0-193.119.1.el8_2 < * cpe:/o:redhat:rhel_e4s:8.2::baseos cpe:/o:redhat:rhel_aus:8.2::baseos cpe:/o:redhat:rhel_tus:8.2::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:4.18.0-305.103.1.el8_4 < * cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:4.18.0-305.103.1.rt7.178.el8_4 < * cpe:/a:redhat:rhel_tus:8.4::realtime cpe:/a:redhat:rhel_tus:8.4::nfv
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:4.18.0-305.103.1.el8_4 < * cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 0:4.18.0-305.103.1.el8_4 < * cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	cpe:/o:redhat:rhel_e4s:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	cpe:/o:redhat:rhel_eus:8.6::baseos
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 0:4.18.0-372.75.1.el8_6 < * cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/o:redhat:rhel_eus:8.6::baseos cpe:/a:redhat:rhel_eus:8.6::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-284.30.1.el9_2 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-284.30.1.rt14.315.el9_2 < * cpe:/a:redhat:enterprise_linux:9::realtime cpe:/a:redhat:enterprise_linux:9::nfv
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-284.30.1.el9_2 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.80.1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/o:redhat:rhel_eus:9.0::baseos cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.80.1.rt21.151.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::realtime cpe:/a:redhat:rhel_eus:9.0::nfv
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	cpe:/o:redhat:rhel_eus:9.0::baseos
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-372.75.1.el8_6 < * cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/o:redhat:rhel_eus:8.6::baseos cpe:/a:redhat:rhel_eus:8.6::crb
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:17:11.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "name": "RHSA-2023:4961",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:4961"
          },
          {
            "name": "RHSA-2023:4962",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:4962"
          },
          {
            "name": "RHSA-2023:4967",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:4967"
          },
          {
            "name": "RHSA-2023:5069",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5069"
          },
          {
            "name": "RHSA-2023:5091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5091"
          },
          {
            "name": "RHSA-2023:5093",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5093"
          },
          {
            "name": "RHSA-2023:5221",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5221"
          },
          {
            "name": "RHSA-2023:5244",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5244"
          },
          {
            "name": "RHSA-2023:5255",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5255"
          },
          {
            "name": "RHSA-2023:5548",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5548"
          },
          {
            "name": "RHSA-2023:5627",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:5627"
          },
          {
            "name": "RHSA-2023:7382",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7382"
          },
          {
            "name": "RHSA-2023:7389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7389"
          },
          {
            "name": "RHSA-2023:7411",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7411"
          },
          {
            "name": "RHSA-2023:7417",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7417"
          },
          {
            "name": "RHSA-2023:7431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7431"
          },
          {
            "name": "RHSA-2023:7434",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7434"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-4004"
          },
          {
            "name": "RHBZ#2225275",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225275"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231027-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5480"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5492"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::nfv",
            "cpe:/a:redhat:enterprise_linux:8::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.27.1.rt7.290.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.27.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.119.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::realtime",
            "cpe:/a:redhat:rhel_tus:8.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.119.1.rt13.170.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.119.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.119.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.103.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::realtime",
            "cpe:/a:redhat:rhel_tus:8.4::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.103.1.rt7.178.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.103.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.103.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/o:redhat:rhel_eus:8.6::baseos",
            "cpe:/a:redhat:rhel_eus:8.6::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.75.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.rt14.315.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.30.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.rt21.151.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/o:redhat:rhel_eus:8.6::baseos",
            "cpe:/a:redhat:rhel_eus:8.6::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.75.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in the Linux kernel\u0027s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T16:06:41.643Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:4961",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:4961"
        },
        {
          "name": "RHSA-2023:4962",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:4962"
        },
        {
          "name": "RHSA-2023:4967",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:4967"
        },
        {
          "name": "RHSA-2023:5069",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5069"
        },
        {
          "name": "RHSA-2023:5091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5091"
        },
        {
          "name": "RHSA-2023:5093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5093"
        },
        {
          "name": "RHSA-2023:5221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5221"
        },
        {
          "name": "RHSA-2023:5244",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5244"
        },
        {
          "name": "RHSA-2023:5255",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5255"
        },
        {
          "name": "RHSA-2023:5548",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5548"
        },
        {
          "name": "RHSA-2023:5627",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:5627"
        },
        {
          "name": "RHSA-2023:7382",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7382"
        },
        {
          "name": "RHSA-2023:7389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7389"
        },
        {
          "name": "RHSA-2023:7411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7411"
        },
        {
          "name": "RHSA-2023:7417",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7417"
        },
        {
          "name": "RHSA-2023:7431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7431"
        },
        {
          "name": "RHSA-2023:7434",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7434"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-4004"
        },
        {
          "name": "RHBZ#2225275",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225275"
        },
        {
          "url": "https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-24T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-07-19T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()",
      "workarounds": [
        {
          "lang": "en",
          "value": "This flaw can be mitigated by preventing the affected netfilter kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-4004",
    "datePublished": "2023-07-31T16:22:18.380Z",
    "dateReserved": "2023-07-30T11:58:17.241Z",
    "dateUpdated": "2025-08-01T16:06:41.643Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:4260-1

Vulnerability from csaf_suse

CVE-2023-4623 (GCVE-0-2023-4623)

Vulnerability from cvelistv5

CVE-2023-4147 (GCVE-0-2023-4147)

Vulnerability from cvelistv5

CVE-2023-4004 (GCVE-0-2023-4004)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature