vulnerability

Ubuntu: (Multiple Advisories) (CVE-2023-4244): Linux kernel vulnerabilities

Severity
7
CVSS
(AV:L/AC:M/Au:S/C:C/I:C/A:C)
Published
Sep 6, 2023
Added
Oct 23, 2023
Modified
Feb 20, 2025

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

Due to a race condition between nf_tables netlink control plane transaction and nft_set element garbage collection, it is possible to underflow the reference counter causing a use-after-free vulnerability.

We recommend upgrading past commit 3e91b0ebd994635df2346353322ac51ce84ce6d8.

Solution(s)

ubuntu-upgrade-linux-image-5-15-0-1031-gkeopubuntu-upgrade-linux-image-5-15-0-1039-nvidiaubuntu-upgrade-linux-image-5-15-0-1039-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1041-ibmubuntu-upgrade-linux-image-5-15-0-1041-raspiubuntu-upgrade-linux-image-5-15-0-1043-intel-iotgubuntu-upgrade-linux-image-5-15-0-1045-gcpubuntu-upgrade-linux-image-5-15-0-1045-gkeubuntu-upgrade-linux-image-5-15-0-1045-kvmubuntu-upgrade-linux-image-5-15-0-1046-oracleubuntu-upgrade-linux-image-5-15-0-1048-awsubuntu-upgrade-linux-image-5-15-0-1050-azureubuntu-upgrade-linux-image-5-15-0-1050-azure-fdeubuntu-upgrade-linux-image-5-15-0-87-genericubuntu-upgrade-linux-image-5-15-0-87-generic-64kubuntu-upgrade-linux-image-5-15-0-87-generic-lpaeubuntu-upgrade-linux-image-5-15-0-87-lowlatencyubuntu-upgrade-linux-image-5-15-0-87-lowlatency-64kubuntu-upgrade-linux-image-5-4-0-1032-iotubuntu-upgrade-linux-image-5-4-0-1039-xilinx-zynqmpubuntu-upgrade-linux-image-5-4-0-1067-ibmubuntu-upgrade-linux-image-5-4-0-1080-bluefieldubuntu-upgrade-linux-image-5-4-0-1087-gkeopubuntu-upgrade-linux-image-5-4-0-1104-raspiubuntu-upgrade-linux-image-5-4-0-1108-kvmubuntu-upgrade-linux-image-5-4-0-1119-oracleubuntu-upgrade-linux-image-5-4-0-1120-awsubuntu-upgrade-linux-image-5-4-0-1124-gcpubuntu-upgrade-linux-image-5-4-0-1126-azureubuntu-upgrade-linux-image-5-4-0-173-genericubuntu-upgrade-linux-image-5-4-0-173-generic-lpaeubuntu-upgrade-linux-image-5-4-0-173-lowlatencyubuntu-upgrade-linux-image-6-1-0-1025-oemubuntu-upgrade-linux-image-6-2-0-1007-starfiveubuntu-upgrade-linux-image-6-2-0-1011-nvidiaubuntu-upgrade-linux-image-6-2-0-1011-nvidia-64kubuntu-upgrade-linux-image-6-2-0-1014-awsubuntu-upgrade-linux-image-6-2-0-1014-oracleubuntu-upgrade-linux-image-6-2-0-1015-azureubuntu-upgrade-linux-image-6-2-0-1015-azure-fdeubuntu-upgrade-linux-image-6-2-0-1015-kvmubuntu-upgrade-linux-image-6-2-0-1015-lowlatencyubuntu-upgrade-linux-image-6-2-0-1015-lowlatency-64kubuntu-upgrade-linux-image-6-2-0-1015-raspiubuntu-upgrade-linux-image-6-2-0-1017-gcpubuntu-upgrade-linux-image-6-2-0-35-genericubuntu-upgrade-linux-image-6-2-0-35-generic-64kubuntu-upgrade-linux-image-6-2-0-35-generic-lpaeubuntu-upgrade-linux-image-6-5-0-1004-starfiveubuntu-upgrade-linux-image-6-5-0-1006-laptopubuntu-upgrade-linux-image-6-5-0-1007-raspiubuntu-upgrade-linux-image-6-5-0-1008-oemubuntu-upgrade-linux-image-6-5-0-1009-azureubuntu-upgrade-linux-image-6-5-0-1009-azure-fdeubuntu-upgrade-linux-image-6-5-0-1010-awsubuntu-upgrade-linux-image-6-5-0-1010-gcpubuntu-upgrade-linux-image-6-5-0-1012-oracleubuntu-upgrade-linux-image-6-5-0-13-genericubuntu-upgrade-linux-image-6-5-0-13-generic-64kubuntu-upgrade-linux-image-6-5-0-13-lowlatencyubuntu-upgrade-linux-image-6-5-0-13-lowlatency-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fde-lts-22-04ubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-64k-hwe-22-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-22-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-gkeop-5-4ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-laptop-23-10ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-22-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-6-2ubuntu-upgrade-linux-image-nvidia-64k-6-2ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04ubuntu-upgrade-linux-image-nvidia-hwe-22-04ubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-20-04dubuntu-upgrade-linux-image-oem-22-04ubuntu-upgrade-linux-image-oem-22-04aubuntu-upgrade-linux-image-oem-22-04bubuntu-upgrade-linux-image-oem-22-04cubuntu-upgrade-linux-image-oem-22-04dubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-starfiveubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04ubuntu-upgrade-linux-image-virtual-hwe-22-04ubuntu-upgrade-linux-image-xilinx-zynqmp
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.