CVE - CVE-2024-0193

CVE-ID
CVE-2024-0193	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:RHBZ#2255653 URL:https://bugzilla.redhat.com/show_bug.cgi?id=2255653 MISC:RHSA-2024:1018 URL:https://access.redhat.com/errata/RHSA-2024:1018 MISC:RHSA-2024:1019 URL:https://access.redhat.com/errata/RHSA-2024:1019 MISC:RHSA-2024:1248 URL:https://access.redhat.com/errata/RHSA-2024:1248 MISC:https://access.redhat.com/security/cve/CVE-2024-0193 URL:https://access.redhat.com/security/cve/CVE-2024-0193
Assigning CNA
Red Hat, Inc.
Date Record Created
20240102	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240102)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)