CVE-2023-32233
Description
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
NVD
Severity: HIGH
CVE ID: CVE-2023-32233
CVSS Score: 7.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
PIDAN-HEIDASHUAI
自用,poc作者为Piotr Krysiuk,在使用前请先阅读README.md
Refrence: GitHub
Liuk3r
CVE-2023-32233: Linux内核中的安全漏洞
Refrence: GitHub
oferchen
Use-After-Free in Netfilter nf_tables when processing batch requests CVE-2023-32233
Refrence: GitHub
RogelioPumajulca
CVE-2023-32233
Refrence: GitHub
void0red
Refrence: GitHub