mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
177 lines
6.1 KiB
JSON
177 lines
6.1 KiB
JSON
{
|
|
"id": "CVE-2023-6817",
|
|
"sourceIdentifier": "cve-coordination@google.com",
|
|
"published": "2023-12-18T15:15:10.210",
|
|
"lastModified": "2024-02-08T16:15:47.270",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.\n\n"
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de use after free en el componente netfilter: nf_tables del kernel de Linux puede explotarse para lograr una escalada de privilegios local. La funci\u00f3n nft_pipapo_walk no omiti\u00f3 elementos inactivos durante el recorrido establecido, lo que podr\u00eda provocar desactivaciones dobles de elementos PIPAPO (Pol\u00edticas de paquetes de pila), lo que llevar\u00eda a un use-after-free. Recomendamos actualizar despu\u00e9s del commit 317eb9685095678f2c9f5a8189de698c5354316a."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "cve-coordination@google.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-416"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "cve-coordination@google.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-416"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.6",
|
|
"versionEndExcluding": "5.10.204",
|
|
"matchCriteriaId": "BC30ED73-012F-4A4F-8B31-553F3A6D05BB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.11",
|
|
"versionEndExcluding": "5.15.143",
|
|
"matchCriteriaId": "B9718AD7-A70A-4A63-90EE-B47010C352E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.16",
|
|
"versionEndExcluding": "6.1.68",
|
|
"matchCriteriaId": "D73554E0-C1EE-48CC-9FDB-4B66000FEB58"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "6.2",
|
|
"versionEndExcluding": "6.6.7",
|
|
"matchCriteriaId": "38CB764D-606E-4695-8437-DD35E0B1A6FC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A0038DE-E183-4958-A6E3-CE3821FEAFBF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E31AD4FC-436C-44AB-BCAB-3A0B37F69EE0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C56C6E04-4F04-44A3-8DB8-93899903CFCF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.7:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5C78EDA4-8BE6-42FC-9512-49032D525A55"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html",
|
|
"source": "cve-coordination@google.com"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2023/12/22/13",
|
|
"source": "cve-coordination@google.com"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2023/12/22/6",
|
|
"source": "cve-coordination@google.com"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a",
|
|
"source": "cve-coordination@google.com",
|
|
"tags": [
|
|
"Mailing List",
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://kernel.dance/317eb9685095678f2c9f5a8189de698c5354316a",
|
|
"source": "cve-coordination@google.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html",
|
|
"source": "cve-coordination@google.com"
|
|
}
|
|
]
|
|
} |