CVE-2023-4244

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-4244

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4244.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-4244

Downstream

BELL-CVE-2023-4244

DEBIAN-CVE-2023-4244

DLA-3623-1

DLA-3710-1

RHSA-2024:1018

RHSA-2024:1019

RHSA-2024:1248

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024:3414

RHSA-2024:3421

SUSE-SU-2023:4730-1

SUSE-SU-2023:4731-1

SUSE-SU-2023:4732-1

SUSE-SU-2023:4734-1

SUSE-SU-2023:4782-1

SUSE-SU-2023:4810-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2493-1

SUSE-SU-2024:2561-1

SUSE-SU-2024:2901-1

SUSE-SU-2025:0771-1

SUSE-SU-2025:0855-1

SUSE-SU-2025:0867-1

UBUNTU-CVE-2023-4244

USN-6444-1

USN-6444-2

USN-6445-1

USN-6445-2

USN-6446-1

USN-6446-2

USN-6446-3

USN-6461-1

USN-6466-1

USN-6503-1

USN-6681-1

USN-6681-2

USN-6681-3

USN-6681-4

USN-6716-1

Related

Published

2023-09-06T14:15:11Z

Modified

2025-08-09T19:01:27Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

Due to a race condition between nftables netlink control plane transaction and nftset element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability.

We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

References

Affected packages