Warning: Linux kernel allows escalation to root privileges in Netfilter, Patch Immediately!
CVE-2023-32233 : Not scored yet
Sources
https://nvd.nist.gov/vuln/detail/CVE-2023-32233
Risks
A use-after-free vulnerability in the NetFilter nf_tables allows an unprivileged attacker to escalate their privileges to root, giving them complete control of the targeted system. Exploitation requires local access to the Linux device. There Is no indication that the vulnerability is being exploited at the moment of this advisory, but a proof-of-concept (PoC) will be published on the 15th of May. A source code commit was submitted to the Linux kernel and the Issue has been fixed.
Description
NetFilter is a Network Address Translation (NAT) framework build into the Linux kernel and the vulnerability affects all versions including the latest one (Linux kernel version 6.3.1).
NetFilter nf_tables fails to reject invalid batch requests that are used to update its configuration. As a result, its internal state is corrupted and the vulnerability can be abused to perform arbitrary read and write operations on kernel memory. The vulnerability still awaits a CVSS 3.1 score calculation but the Centre for Cybersecurity Belgium assesses this vulnerability is important to critical since it is easy to exploit and part of the Linux kernel spread all over the world.
Recommended Actions
The Centre for Cybersecurity Belgium strongly recommends system administrators to patch their Linux systems after thorough testing.
Please check your Linux vendor's security page to find the specific patch. Some initial references are already available on the NVD reference below.