what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

CVE-2023-4244

Status Candidate

Overview

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability. We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

Related Files

Red Hat Security Advisory 2024-2094-03
Posted Jul 9, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2094-03 - Moderate Logging for Red Hat OpenShift - 5.8.6.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | ceebda1ed6f55629dd66c15d9665b80ecb404ec575028c2e2d63615b5e4b3637
Red Hat Security Advisory 2024-3421-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3421-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | 722dd888172646245dc9d140441b7cfb6c22df4a3e2222165fb17ff9a41af213
Red Hat Security Advisory 2024-3414-03
Posted May 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-3414-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | 40d77d69adb5e2550fc1ae5d76234e1f22a683b6850d518f5a324ae11e6d89c8
Ubuntu Security Notice USN-6716-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6716-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-23000, CVE-2023-23004, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-1086, CVE-2024-24855
SHA-256 | ca7041e9e1eafaa437eb00fd772e3fc4d0224945b1c747de75266ab82a88c293
Ubuntu Security Notice USN-6681-4
Posted Mar 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6681-4 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340
SHA-256 | 98ebd4a16df2d78e75466bb3de0b920f697988acf5ef14f0238d3ed664307487
Ubuntu Security Notice USN-6681-3
Posted Mar 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6681-3 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340
SHA-256 | 0f6456a501a2a52790c93531be3acfce9cd0cea9e69c63498f9c5b2580aa219b
Ubuntu Security Notice USN-6681-2
Posted Mar 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6681-2 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340
SHA-256 | 497cdba15e2474c05f61de47875a39a3f760923ca11ee79f7167211274bac41c
Red Hat Security Advisory 2024-1248-03
Posted Mar 12, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1248-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

tags | advisory, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2023-4244
SHA-256 | e8cee96a94ad07c9429b0bfe0fc3b41b26d6aecb31ef509f3a03f7021e1d0f40
Ubuntu Security Notice USN-6681-1
Posted Mar 7, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6681-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340
SHA-256 | e6207c1377c4c4662d23c4c6808627d6ca7ab8ee47c61e983d303f015693e726
Ubuntu Security Notice USN-6572-1
Posted Jan 10, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6572-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-4244, CVE-2023-5090, CVE-2023-5345, CVE-2023-5633
SHA-256 | 6502281ff932b113046160566a0b04203cfc1147fab61e5281fcdf065831f17d
Ubuntu Security Notice USN-6537-1
Posted Dec 7, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6537-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-39189, CVE-2023-4244, CVE-2023-42754, CVE-2023-45898, CVE-2023-5090, CVE-2023-5158, CVE-2023-5178, CVE-2023-5345, CVE-2023-5633, CVE-2023-5717
SHA-256 | 8aef40e675ea284f23ed621bd7c35ed99674db45761dbfcf4196b8a01e0ab72e
Ubuntu Security Notice USN-6503-1
Posted Nov 22, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-4244, CVE-2023-5090, CVE-2023-5345, CVE-2023-5633
SHA-256 | f49422348439f73d6b38b42749f79884cebe5eadebb4f303ea755ef60d55b31d
Ubuntu Security Notice USN-6461-1
Posted Nov 13, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6461-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-31085, CVE-2023-34324, CVE-2023-39189, CVE-2023-4244, CVE-2023-42754, CVE-2023-4921, CVE-2023-5345
SHA-256 | f8740a5eb1f34579bfa81fa7e581cd1a70b404dfe0f903ddc342a4642aaedf3f
Ubuntu Security Notice USN-6446-3
Posted Oct 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6446-3 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 484ebd5fb48372ba1a85bd65fdc24bc439655586fb452d16cfa2fba3c7f9088e
Ubuntu Security Notice USN-6445-2
Posted Oct 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6445-2 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3338, CVE-2023-34319, CVE-2023-38432, CVE-2023-3863, CVE-2023-3865, CVE-2023-3866, CVE-2023-4132, CVE-2023-4155, CVE-2023-4194, CVE-2023-4244, CVE-2023-4273
SHA-256 | 7161886f27ce432ad514954dd1b3c798e3d98a8a29d07d4592bcf71aae1d37df
Ubuntu Security Notice USN-6446-2
Posted Oct 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6446-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | f0dc5ad0a790213ff19892b967ead2603483e643e8cae2857c45b952dc3896fe
Ubuntu Security Notice USN-6444-2
Posted Oct 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6444-2 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | e1d72b79310f991fbf9447b368e82c18985bd69f9a6a49de7ca3fae3cd49f9c6
Ubuntu Security Notice USN-6445-1
Posted Oct 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6445-1 - It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service. Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD processors utilising speculative execution and branch prediction may allow unauthorised memory reads via a speculative side-channel attack. A local attacker could use this to expose sensitive information, including kernel memory.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1206, CVE-2023-20569, CVE-2023-2156, CVE-2023-3338, CVE-2023-34319, CVE-2023-38432, CVE-2023-3863, CVE-2023-3865, CVE-2023-3866, CVE-2023-4132, CVE-2023-4155, CVE-2023-4194, CVE-2023-4244, CVE-2023-4273
SHA-256 | e6b24dd74615cc6c00bd4c9686d9c6103de24a03be2c7b72a6caee0cd088dc72
Ubuntu Security Notice USN-6446-1
Posted Oct 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6446-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 983eb07e4f52536926c8898d1770d713cdd350b8877f816cb919688180d04372
Ubuntu Security Notice USN-6444-1
Posted Oct 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6444-1 - Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-34319, CVE-2023-4244, CVE-2023-42752, CVE-2023-42753, CVE-2023-42755, CVE-2023-42756, CVE-2023-4622, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5197
SHA-256 | 8645d582e10335986115be5495a9fdd5e21177f253b7c4269b41af043d52fdd1
Ubuntu Security Notice USN-6443-1
Posted Oct 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6443-1 - Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-4244, CVE-2023-42752, CVE-2023-42755, CVE-2023-42756, CVE-2023-4881, CVE-2023-5197
SHA-256 | baf35ea7bd4793f2002370f0e32ae2eb8e9c403f8177a1350a5eb4a014d66fae
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close