CVE-2023-3390— Use-after-free in Linux kernel's netfilter subsystem
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-3390
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use-after-free in Linux kernel's netfilter subsystem
Source: NVD (National Vulnerability Database)
Vulnerability Description
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在netfilter子系统中存在内存释放后重用问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Linux | Linux Kernel | 3.16 ~ 6.4 | - |
II. Public POCs for CVE-2023-3390
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | PoC of the CVE-2023-3390 | https://github.com/flygonty/CVE-2023-3390_PoC | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-3390
请登录查看更多情报信息。
Same Patch Batch · Linux · 2023-06-28 · 4 CVEs total
| CVE-2023-3389 | 7.8 HIGH | Use after free in io_uring in the Linux Kernel |
| CVE-2023-3090 | 7.8 HIGH | Out-of-bounds write in Linux kernel's ipvlan network driver |
| CVE-2023-1295 | 7.8 HIGH | Privilege escalation with IO_RING_OP_CLOSE in the Linux Kernel |
IV. Related Vulnerabilities
Same product: Linux Kernel
- CVE-2024-24864
Race condition vulnerability in Linux kernel media/dvb-core - CVE-2024-24857
Race condition vulnerability in Linux kernel bluetooth in co - CVE-2024-24858
Race condition vulnerability in Linux kernel net/bluetooth i - CVE-2024-24859
Race condition vulnerability in Linux kernel bluetooth sniff - CVE-2024-24860
Race condition vulnerability in Linux kernel bluetooth drive
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2023-3390
No comments yet