cve/2023/CVE-2023-3610.md

CVE-2023-3610

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.We recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.

POC

Reference

No PoCs from references.

Github

• https://github.com/EGI-Federation/SVG-advisories