CVE-2023-32233
- Source
- https://cve.org/CVERecord?id=CVE-2023-32233
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32233.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-32233
- Downstream
- Related
- Published
- 2023-05-08T20:15:20.267Z
- Modified
- 2026-03-20T12:28:15.664034Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
- References
-
- http://www.openwall.com/lists/oss-security/2023/05/15/5
- https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html
- https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
- https://security.netapp.com/advisory/ntap-20230616-0002/
- https://www.debian.org/security/2023/dsa-5402
- https://bugzilla.redhat.com/show_bug.cgi?id=2196105
- https://news.ycombinator.com/item?id=35879660
- http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab
- https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab
- https://www.openwall.com/lists/oss-security/2023/05/08/4
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedc1592a89942e9678f7d9c8030efa777c0d57edab
- Type
- GIT
- Repo
- https://github.com/torvalds/linux
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedc1592a89942e9678f7d9c8030efa777c0d57edab
- Type
- GIT
- Repo
- https://github.com/torvalds/linux
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "3.13"
},
{
"fixed": "4.14.315"
}
]
},
{
"events": [
{
"introduced": "4.15"
},
{
"fixed": "4.19.283"
}
]
},
{
"events": [
{
"introduced": "4.20"
},
{
"fixed": "5.4.243"
}
]
},
{
"events": [
{
"introduced": "5.5"
},
{
"fixed": "5.10.180"
}
]
},
{
"events": [
{
"introduced": "5.11"
},
{
"fixed": "5.15.111"
}
]
},
{
"events": [
{
"introduced": "5.16"
},
{
"fixed": "6.1.28"
}
]
},
{
"events": [
{
"introduced": "6.2"
},
{
"fixed": "6.2.15"
}
]
},
{
"events": [
{
"introduced": "6.3"
},
{
"fixed": "6.3.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "h300s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "h410c"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "h410s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "h500s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "h700s"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "6.3.1"
}
]
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-32233.json"