{"api_version":"1","generated_at":"2026-04-22T23:52:37+00:00","cve":"CVE-2023-3610","urls":{"html":"https://cve.report/CVE-2023-3610","api":"https://cve.report/api/cve/CVE-2023-3610.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-3610","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-3610"},"summary":{"title":"CVE-2023-3610","description":"A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.","state":"PUBLIC","assigner":"security@google.com","published_at":"2023-07-21 21:15:00","updated_at":"2023-08-18 14:15:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795","refsource":"MISC","tags":[],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2023/dsa-5461","name":"https://www.debian.org/security/2023/dsa-5461","refsource":"MISC","tags":[],"title":"Debian -- Security Information -- DSA-5461-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html","name":"https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html","refsource":"MISC","tags":[],"title":"[SECURITY] [DLA 3512-1] linux-5.10 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230818-0005/","name":"https://security.netapp.com/advisory/ntap-20230818-0005/","refsource":"MISC","tags":[],"title":"July 2023 Linux Kernel 6.3 Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795","name":"https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795","refsource":"MISC","tags":[],"title":"","mime":"text/html","httpstatus":"404","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-3610","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3610","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"3610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.4","cpe7":"rc7","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-3610","qid":"160912","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-5069)"},{"cve":"CVE-2023-3610","qid":"160943","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-12836)"},{"cve":"CVE-2023-3610","qid":"199651","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6285-1)"},{"cve":"CVE-2023-3610","qid":"199764","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6385-1)"},{"cve":"CVE-2023-3610","qid":"378892","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0114)"},{"cve":"CVE-2023-3610","qid":"379043","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)"},{"cve":"CVE-2023-3610","qid":"6000008","title":"Debian Security Update for linux (DSA 5461-1)"},{"cve":"CVE-2023-3610","qid":"6000130","title":"Debian Security Update for linux-5.10 (DLA 3512-1)"},{"cve":"CVE-2023-3610","qid":"6140248","title":"AWS Bottlerocket Security Update for kernel (GHSA-fvwj-42wq-6h6x)"},{"cve":"CVE-2023-3610","qid":"673354","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2843)"},{"cve":"CVE-2023-3610","qid":"673496","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-2860)"},{"cve":"CVE-2023-3610","qid":"754832","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-1)"},{"cve":"CVE-2023-3610","qid":"754833","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-1)"},{"cve":"CVE-2023-3610","qid":"754855","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3656-1)"},{"cve":"CVE-2023-3610","qid":"754867","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-1)"},{"cve":"CVE-2023-3610","qid":"754868","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3682-1)"},{"cve":"CVE-2023-3610","qid":"754884","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-1)"},{"cve":"CVE-2023-3610","qid":"754899","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3599-2)"},{"cve":"CVE-2023-3610","qid":"754900","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3600-2)"},{"cve":"CVE-2023-3610","qid":"754901","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3704-2)"},{"cve":"CVE-2023-3610","qid":"754903","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3683-2)"},{"cve":"CVE-2023-3610","qid":"755026","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3964-1)"},{"cve":"CVE-2023-3610","qid":"755037","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3971-1)"},{"cve":"CVE-2023-3610","qid":"755038","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3969-1)"},{"cve":"CVE-2023-3610","qid":"755043","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:3988-1)"},{"cve":"CVE-2023-3610","qid":"907126","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (27725-1)"},{"cve":"CVE-2023-3610","qid":"907205","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (27673-1)"},{"cve":"CVE-2023-3610","qid":"941249","title":"AlmaLinux Security Update for kernel (ALSA-2023:5069)"},{"cve":"CVE-2023-3610","qid":"941254","title":"AlmaLinux Security Update for kernel-rt (ALSA-2023:5091)"},{"cve":"CVE-2023-3610","qid":"961015","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:5091)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-3610","ASSIGNER":"security@google.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.\n\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-416 Use After Free","cweId":"CWE-416"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Linux","product":{"product_data":[{"product_name":"Kernel","version":{"version_data":[{"version_affected":"<","version_name":"5.9","version_value":"6.4"}]}}]}}]}},"references":{"reference_data":[{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795","refsource":"MISC","name":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795"},{"url":"https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795","refsource":"MISC","name":"https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795"},{"url":"https://www.debian.org/security/2023/dsa-5461","refsource":"MISC","name":"https://www.debian.org/security/2023/dsa-5461"},{"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"},{"url":"https://security.netapp.com/advisory/ntap-20230818-0005/","refsource":"MISC","name":"https://security.netapp.com/advisory/ntap-20230818-0005/"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"discovery":"EXTERNAL"},"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-07-21 21:15:00","lastModifiedDate":"2023-08-18 14:15:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.4:rc7:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.9","versionEndExcluding":"6.4","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}