CVE-2023-6111
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-6111
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6111.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-6111
- Downstream
- Published
- 2023-11-14T14:15:29Z
- Modified
- 2025-08-09T19:01:27Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.
The function nfttransgccatchall did not remove the catchall set element from the catchalllist when the argument sync is true, making it possible to free a catchall set element many times.
We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.
- References
-
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3OXWBKK7RTQOGGDLQGCZFS753VLGS2GD/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3S55P23EYAWDHXZPJEVTGIRZZRICYI3Z/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IG6IF3FUY7LVZJMFRPANAU4L4PSJ3ESQ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YQ7JVDEDZV5SNHG5EW7RHKK2ZN56HSGB/
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93995bf4af2c5a99e2a87f0cd5ce547d31eb7630
- https://kernel.dance/93995bf4af2c5a99e2a87f0cd5ce547d31eb7630