CVE-2023-6817

ADVISORY - nist

Summary

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.

We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

EPSS Score⁠: 0.00021 (0.037)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

ADVISORY - redhat

CWE-416⁠

Use After Free

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.