CVE-2023-3777

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-3777
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3777.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-3777
Downstream
Related
Published
2023-09-06T14:15:10Z
Modified
2025-08-09T20:01:28Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

When nftablesdelrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances.

We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.

References

Affected packages