CVE-2023-4128

Summary

CVE	CVE-2023-4128
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-08-10 17:15:00 UTC
Updated	2023-11-14 12:15:00 UTC
Description	A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Fedoraproject	Fedora	37	All	All	All
Operating System	Fedoraproject	Fedora	38	All	All	All
Operating System	Linux	Linux Kernel	All	All	All	All
Operating System	Linux	Linux Kernel	6.5	-	All	All
Operating System	Linux	Linux Kernel	6.5	rc1	All	All
Operating System	Linux	Linux Kernel	6.5	rc2	All	All
Operating System	Linux	Linux Kernel	6.5	rc3	All	All
Operating System	Linux	Linux Kernel	6.5	rc4	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	9.0	All	All	All

References

Reference	Source	Link	Tags
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
[SECURITY] [DLA 3623-1] linux-5.10 security update	MISC	lists.debian.org
Re: [PATCH net v2 0/3] net/sched Bind logic fixes for cls_fw, cls_u32 and cls_route - Victor Nogueira	MISC	lore.kernel.org
Red Hat	MISC	access.redhat.com
Debian -- Security Information -- DSA-5480-1 linux	MISC	www.debian.org
Red Hat		access.redhat.com
[SECURITY] Fedora 37 Update: kernel-6.4.10-100.fc37 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
cve-details	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
kernel/git/torvalds/linux.git - Linux kernel source tree	MISC	git.kernel.org
kernel/git/torvalds/linux.git - Linux kernel source tree	MISC	git.kernel.org
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
2225511 – (CVE-2023-4128) CVE-2023-4128 Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route	MISC	bugzilla.redhat.com
Debian -- Security Information -- DSA-5492-1 linux	MISC	www.debian.org
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
kernel/git/torvalds/linux.git - Linux kernel source tree	MISC	git.kernel.org
[SECURITY] Fedora 38 Update: kernel-6.4.10-200.fc38 - package-announce - Fedora Mailing-Lists	MISC	lists.fedoraproject.org
Red Hat	MISC	access.redhat.com
Kernel Live Patch Security Notice LSN-0098-1 ≈ Packet Storm	MISC	packetstormsecurity.com
August 2023 Linux Kernel 6.5-rc5 Vulnerabilities in NetApp Products \| NetApp Product Security	MISC	security.netapp.com
Red Hat	MISC	access.redhat.com
Red Hat	MISC	access.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

161066 Oracle Enterprise Linux Security Update for kernel (ELSA-2023-6583)
199764 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6385-1)
199765 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6388-1)
199766 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6386-1)
199769 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6383-1)
199770 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6387-1)
199783 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6396-1)
199785 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6387-2)
199791 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-6386-2)
199796 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6386-3)
199812 Ubuntu Security Notification for Linux kernel (KVM) Vulnerabilities (USN-6396-2)
199834 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6396-3)
199883 Ubuntu Security Notification for Linux kernel (NVIDIA) Vulnerabilities (USN-6466-1)
242068 Red Hat Update for kernel (RHSA-2023:5238)
242073 Red Hat Update for kpatch-patch (RHSA-2023:5235)
242140 Red Hat Update for kpatch-patch (RHSA-2023:5580)
242141 Red Hat Update for kpatch-patch (RHSA-2023:5548)
242142 Red Hat Update for kpatch-patch (RHSA-2023:5575)
242147 Red Hat Update for kernel (RHSA-2023:5628)
242151 Red Hat Update for kernel security (RHSA-2023:5627)
242152 Red Hat Update for kernel (RHSA-2023:5589)
242154 Red Hat Update for kernel (RHSA-2023:5604)
242155 Red Hat Update for kernel-rt (RHSA-2023:5588)
242157 Red Hat Update for kernel-rt (RHSA-2023:5603)
242179 Red Hat Update for kpatch-patch (RHSA-2023:5775)
242188 Red Hat Update for kernel-rt (RHSA-2023:5794)
242399 Red Hat Update for kernel security (RHSA-2023:6583)
242434 Red Hat Update for kernel-rt security (RHSA-2023:6901)
242451 Red Hat Update for kernel security (RHSA-2023:7077)
284396 Fedora Security Update for kernel (FEDORA-2023-d9509be489)
284399 Fedora Security Update for kernel (FEDORA-2023-ee241dcf80)
355827 Amazon Linux Security Advisory for kernel : ALAS-2023-1803
355844 Amazon Linux Security Advisory for kernel : ALAS2-2023-2206
355864 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-051
356403 Amazon Linux Security Advisory for kernel : ALAS2-2023-2268
356578 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-054
378892 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0114)
379043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)
379435 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2024:0012)
6000212 Debian Security Update for linux (DSA 5480-1)
6000220 Debian Security Update for linux (DSA 5492-1)
6000265 Debian Security Update for linux-5.10 (DLA 3623-1)
754832 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-1)
754833 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-1)
754855 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3656-1)
754863 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3680-1)
754866 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3684-1)
754867 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-1)
754868 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3682-1)
754869 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3681-1)
754876 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3687-1)
754883 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3705-1)
754884 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-1)
754899 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-2)
754900 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-2)
754901 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-2)
754903 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-2)
755026 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3964-1)
755037 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3971-1)
755038 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3969-1)
755043 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3988-1)