CVE-2023-3777 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2023-3777?

CVE-2023-3777 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-3777?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux, Canonical Ubuntu Linux.

Vulnerability Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	>= 5.9, < 5.10.188
Debian	Debian Linux	12.0
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-416

References

http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eIssue TrackingMailing ListPatch
https://kernel.dance/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8PatchVendor Advisory
https://www.debian.org/security/2023/dsa-5492Third Party Advisory
http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eIssue TrackingMailing ListPatch
https://kernel.dance/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8PatchVendor Advisory
https://www.debian.org/security/2023/dsa-5492Third Party Advisory

FAQ

What is CVE-2023-3777?

CVE-2023-3777 is a vulnerability with a CVSS score of 7.8 (HIGH). A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not...

How severe is CVE-2023-3777?

CVE-2023-3777 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-3777?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux, Canonical Ubuntu Linux.