{"api_version":"1","generated_at":"2026-04-22T19:37:49+00:00","cve":"CVE-2023-32233","urls":{"html":"https://cve.report/CVE-2023-32233","api":"https://cve.report/api/cve/CVE-2023-32233.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-32233","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-32233"},"summary":{"title":"CVE-2023-32233","description":"In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2023-05-08 20:15:00","updated_at":"2023-09-28 19:07:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","name":"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","refsource":"MISC","tags":[],"title":"Kernel Live Patch Security Notice LSN-0095-1 ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://news.ycombinator.com/item?id=35879660","name":"https://news.ycombinator.com/item?id=35879660","refsource":"MISC","tags":[],"title":"Linux kernel use-after-free in Netfilter, local privilege escalation | Hacker News","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html","name":"[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3508-1] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230616-0002/","name":"https://security.netapp.com/advisory/ntap-20230616-0002/","refsource":"CONFIRM","tags":[],"title":"CVE-2023-32233 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.openwall.com/lists/oss-security/2023/05/08/4","name":"https://www.openwall.com/lists/oss-security/2023/05/08/4","refsource":"MISC","tags":[],"title":"oss-security - [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables\n when processing batch requests can be abused to perform arbitrary reads and\n writes in kernel memory","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.openwall.com/lists/oss-security/2023/05/15/5","name":"[oss-security] 20230515 Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory","refsource":"MLIST","tags":[],"title":"oss-security - Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter\n nf_tables when processing batch requests can be abused to perform arbitrary\n reads and writes in kernel memory","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196105","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2196105","refsource":"MISC","tags":[],"title":"2196105 – (CVE-2023-32233) CVE-2023-32233 kernel:Use-After-Free in Netfilter nf_tables when NFT_MSG_DELRULE and NFT_MSG_DELSETELEM operations used","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html","name":"[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3446-1] linux-5.10 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab","name":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2023/dsa-5402","name":"DSA-5402","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5402-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab","name":"https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab","refsource":"MISC","tags":[],"title":"netfilter: nf_tables: deactivate anonymous set from preparation phase · torvalds/linux@c1592a8 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-32233","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-32233","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"6.3.1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_baseboard_management_controller","cpe6":"h300s","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_baseboard_management_controller","cpe6":"h410c","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_baseboard_management_controller","cpe6":"h410s","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_baseboard_management_controller","cpe6":"h500s","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"hci_baseboard_management_controller","cpe6":"h700s","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"32233","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-32233","qid":"160712","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-3349)"},{"cve":"CVE-2023-32233","qid":"160725","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12393)"},{"cve":"CVE-2023-32233","qid":"160726","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-12413)"},{"cve":"CVE-2023-32233","qid":"160728","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12394)"},{"cve":"CVE-2023-32233","qid":"160729","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-12412)"},{"cve":"CVE-2023-32233","qid":"160806","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-3723)"},{"cve":"CVE-2023-32233","qid":"160971","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-5622)"},{"cve":"CVE-2023-32233","qid":"181781","title":"Debian Security Update for linux (DSA 5402-1)"},{"cve":"CVE-2023-32233","qid":"181828","title":"Debian Security Update for linux-5.10 (DLA 3446-1)"},{"cve":"CVE-2023-32233","qid":"183185","title":"Debian Security Update for linux (CVE-2023-32233)"},{"cve":"CVE-2023-32233","qid":"199374","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6122-1)"},{"cve":"CVE-2023-32233","qid":"199375","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6123-1)"},{"cve":"CVE-2023-32233","qid":"199380","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6124-1)"},{"cve":"CVE-2023-32233","qid":"199382","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6127-1)"},{"cve":"CVE-2023-32233","qid":"199384","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6132-1)"},{"cve":"CVE-2023-32233","qid":"199386","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6131-1)"},{"cve":"CVE-2023-32233","qid":"199390","title":"Ubuntu Security Notification for Linux kernel (Azure CVM) Vulnerabilities (USN-6135-1)"},{"cve":"CVE-2023-32233","qid":"199406","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6150-1)"},{"cve":"CVE-2023-32233","qid":"199413","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6162-1)"},{"cve":"CVE-2023-32233","qid":"199422","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6175-1)"},{"cve":"CVE-2023-32233","qid":"199437","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6186-1)"},{"cve":"CVE-2023-32233","qid":"199465","title":"Ubuntu Security Notification for Linux kernel (Xilinx ZynqMP) Vulnerabilities (USN-6222-1)"},{"cve":"CVE-2023-32233","qid":"199471","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6130-1)"},{"cve":"CVE-2023-32233","qid":"199539","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6149-1)"},{"cve":"CVE-2023-32233","qid":"199614","title":"Ubuntu Security Notification for Linux kernel (IoT) Vulnerabilities (USN-6256-1)"},{"cve":"CVE-2023-32233","qid":"241561","title":"Red Hat Update for kernel-rt (RHSA-2023:3350)"},{"cve":"CVE-2023-32233","qid":"241571","title":"Red Hat Update for kernel (RHSA-2023:3349)"},{"cve":"CVE-2023-32233","qid":"241572","title":"Red Hat Update for kpatch-patch (RHSA-2023:3351)"},{"cve":"CVE-2023-32233","qid":"241588","title":"Red Hat Update for kernel (RHSA-2023:3465)"},{"cve":"CVE-2023-32233","qid":"241590","title":"Red Hat Update for kernel-rt (RHSA-2023:3470)"},{"cve":"CVE-2023-32233","qid":"241591","title":"Red Hat Update for kpatch-patch (RHSA-2023:3490)"},{"cve":"CVE-2023-32233","qid":"241732","title":"Red Hat Update for kpatch-patch (RHSA-2023:3705)"},{"cve":"CVE-2023-32233","qid":"241733","title":"Red Hat Update for kernel (RHSA-2023:3723)"},{"cve":"CVE-2023-32233","qid":"241740","title":"Red Hat Update for kernel-rt (RHSA-2023:3708)"},{"cve":"CVE-2023-32233","qid":"241753","title":"Red Hat Update for kpatch-patch (RHSA-2023:3853)"},{"cve":"CVE-2023-32233","qid":"241754","title":"Red Hat Update for kernel (RHSA-2023:3852)"},{"cve":"CVE-2023-32233","qid":"241820","title":"Red Hat Update for kernel (RHSA-2023:4130)"},{"cve":"CVE-2023-32233","qid":"241824","title":"Red Hat Update for kpatch-patch (RHSA-2023:4145)"},{"cve":"CVE-2023-32233","qid":"241825","title":"Red Hat Update for kpatch-patch (RHSA-2023:4146)"},{"cve":"CVE-2023-32233","qid":"241831","title":"Red Hat Update for kernel-rt (RHSA-2023:4126)"},{"cve":"CVE-2023-32233","qid":"241832","title":"Red Hat Update for kernel (RHSA-2023:4125)"},{"cve":"CVE-2023-32233","qid":"241862","title":"Red Hat Update for kernel-rt (RHSA-2023:4255)"},{"cve":"CVE-2023-32233","qid":"241863","title":"Red Hat Update for kernel (RHSA-2023:4256)"},{"cve":"CVE-2023-32233","qid":"241864","title":"Red Hat Update for kpatch-patch (RHSA-2023:4262)"},{"cve":"CVE-2023-32233","qid":"242143","title":"Red Hat Update for kpatch-patch (RHSA-2023:5574)"},{"cve":"CVE-2023-32233","qid":"242158","title":"Red Hat Update for kernel (RHSA-2023:5622)"},{"cve":"CVE-2023-32233","qid":"242159","title":"Red Hat Update for kernel-rt (RHSA-2023:5621)"},{"cve":"CVE-2023-32233","qid":"257259","title":"CentOS Security Update for kernel"},{"cve":"CVE-2023-32233","qid":"355335","title":"Amazon Linux Security Advisory for kernel : ALAS2-2023-2050"},{"cve":"CVE-2023-32233","qid":"355342","title":"Amazon Linux Security Advisory for kernel : ALAS-2023-1750"},{"cve":"CVE-2023-32233","qid":"355350","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-123"},{"cve":"CVE-2023-32233","qid":"355351","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2023-020"},{"cve":"CVE-2023-32233","qid":"355352","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2023-033"},{"cve":"CVE-2023-32233","qid":"355354","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-126"},{"cve":"CVE-2023-32233","qid":"355355","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-122"},{"cve":"CVE-2023-32233","qid":"355357","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-127"},{"cve":"CVE-2023-32233","qid":"355360","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-124"},{"cve":"CVE-2023-32233","qid":"355361","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2023-046"},{"cve":"CVE-2023-32233","qid":"355362","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2LIVEPATCH-2023-125"},{"cve":"CVE-2023-32233","qid":"355416","title":"Amazon Linux Security Advisory for kernel : ALAS2023-2023-184"},{"cve":"CVE-2023-32233","qid":"355444","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-005"},{"cve":"CVE-2023-32233","qid":"355445","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-006"},{"cve":"CVE-2023-32233","qid":"355446","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-008"},{"cve":"CVE-2023-32233","qid":"355447","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-004"},{"cve":"CVE-2023-32233","qid":"355448","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-009"},{"cve":"CVE-2023-32233","qid":"355449","title":"Amazon Linux Security Advisory for kernel-livepatch : ALAS2023LIVEPATCH-2023-007"},{"cve":"CVE-2023-32233","qid":"378535","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2023:0025)"},{"cve":"CVE-2023-32233","qid":"378537","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0048)"},{"cve":"CVE-2023-32233","qid":"378710","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0079)"},{"cve":"CVE-2023-32233","qid":"503117","title":"Alpine Linux Security Update for linux-lts"},{"cve":"CVE-2023-32233","qid":"505893","title":"Alpine Linux Security Update for linux-lts"},{"cve":"CVE-2023-32233","qid":"6000136","title":"Debian Security Update for linux (DLA 3508-1)"},{"cve":"CVE-2023-32233","qid":"6140023","title":"AWS Bottlerocket Security Update for kernel (GHSA-9vcc-64rw-mj7q)"},{"cve":"CVE-2023-32233","qid":"6140272","title":"AWS Bottlerocket Security Update for kernel (GHSA-9vcc-64rw-mj7q)"},{"cve":"CVE-2023-32233","qid":"673214","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2383)"},{"cve":"CVE-2023-32233","qid":"673261","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2614)"},{"cve":"CVE-2023-32233","qid":"673272","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2584)"},{"cve":"CVE-2023-32233","qid":"673393","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2647)"},{"cve":"CVE-2023-32233","qid":"673498","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-3132)"},{"cve":"CVE-2023-32233","qid":"673604","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2811)"},{"cve":"CVE-2023-32233","qid":"674113","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2689)"},{"cve":"CVE-2023-32233","qid":"754120","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2611-1)"},{"cve":"CVE-2023-32233","qid":"754145","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:2651-1)"},{"cve":"CVE-2023-32233","qid":"754829","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 24 for SLE 15 SP3) (SUSE-SU-2023:3594-1)"},{"cve":"CVE-2023-32233","qid":"754831","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 27 for SLE 15 SP3) (SUSE-SU-2023:3595-1)"},{"cve":"CVE-2023-32233","qid":"754834","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 25 for SLE 15 SP3) (SUSE-SU-2023:3607-1)"},{"cve":"CVE-2023-32233","qid":"754840","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) (SUSE-SU-2023:3620-1)"},{"cve":"CVE-2023-32233","qid":"754841","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 29 for SLE 15 SP3) (SUSE-SU-2023:3623-1)"},{"cve":"CVE-2023-32233","qid":"754842","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 35 for SLE 15 SP2) (SUSE-SU-2023:3612-1)"},{"cve":"CVE-2023-32233","qid":"754844","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 32 for SLE 15 SP3) (SUSE-SU-2023:3628-1)"},{"cve":"CVE-2023-32233","qid":"754845","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 30 for SLE 15 SP3) (SUSE-SU-2023:3627-1)"},{"cve":"CVE-2023-32233","qid":"754848","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3630-1)"},{"cve":"CVE-2023-32233","qid":"754852","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 12 for SLE 15 SP4) (SUSE-SU-2023:3648-1)"},{"cve":"CVE-2023-32233","qid":"754853","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 11 for SLE 15 SP4) (SUSE-SU-2023:3647-1)"},{"cve":"CVE-2023-32233","qid":"754854","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 8 for SLE 15 SP4) (SUSE-SU-2023:3644-1)"},{"cve":"CVE-2023-32233","qid":"754872","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP4) (SUSE-SU-2023:3675-1)"},{"cve":"CVE-2023-32233","qid":"754873","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2023:3671-1)"},{"cve":"CVE-2023-32233","qid":"754874","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP4) (SUSE-SU-2023:3668-1)"},{"cve":"CVE-2023-32233","qid":"755851","title":"SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2023:2646-1)"},{"cve":"CVE-2023-32233","qid":"906946","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (26690-1)"},{"cve":"CVE-2023-32233","qid":"906975","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (26683-1)"},{"cve":"CVE-2023-32233","qid":"941128","title":"AlmaLinux Security Update for kernel (ALSA-2023:3349)"},{"cve":"CVE-2023-32233","qid":"941129","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:3350)"},{"cve":"CVE-2023-32233","qid":"941166","title":"AlmaLinux Security Update for kernel (ALSA-2023:3723)"},{"cve":"CVE-2023-32233","qid":"941167","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:3708)"},{"cve":"CVE-2023-32233","qid":"960943","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:3350)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2023-32233","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://www.openwall.com/lists/oss-security/2023/05/08/4","url":"https://www.openwall.com/lists/oss-security/2023/05/08/4"},{"refsource":"MISC","name":"https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab","url":"https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab"},{"refsource":"MISC","name":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab","url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab"},{"refsource":"MISC","name":"https://news.ycombinator.com/item?id=35879660","url":"https://news.ycombinator.com/item?id=35879660"},{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2196105","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196105"},{"refsource":"DEBIAN","name":"DSA-5402","url":"https://www.debian.org/security/2023/dsa-5402"},{"refsource":"MLIST","name":"[oss-security] 20230515 Re: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory","url":"http://www.openwall.com/lists/oss-security/2023/05/15/5"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update","url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230616-0002/","url":"https://security.netapp.com/advisory/ntap-20230616-0002/"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html","url":"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update","url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"}]}},"nvd":{"publishedDate":"2023-05-08 20:15:00","lastModifiedDate":"2023-09-28 19:07:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.3.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.2.15","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.28","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.111","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.180","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.243","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.283","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.13","versionEndExcluding":"4.14.315","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}