CVE-2023-4623

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-4623
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4623.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-4623
Downstream
Related
Published
2023-09-06T13:56:57.295Z
Modified
2026-05-08T04:54:30.303385Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Use-after-free in Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component
Details

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.

If a class with a link-sharing curve (i.e. with the HFSCFSC flag set) has a parent without a link-sharing curve, then initvf() will call vttreeinsert() on the parent, but vttreeremove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.

We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.

Database specific 
{
    "cwe_ids": [
        "CWE-416"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/4xxx/CVE-2023-4623.json",
    "cna_assigner": "Google"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
9ee1c939d1cb936b1f98e8d81aeffab57bae46ab
Fixed
ffc253263a1375a65fa6c9f62a893e9767fbebfa
Database specific 
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "2.6.12"
        },
        {
            "fixed": "6.6"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-4623.json"