Use-after-free vulnerability in the Linux kernel's nf_tablesID: oval:org.secpod.oval:def:99038 | Date: (C)2024-04-12 (M)2024-04-29 |
Class: VULNERABILITY | Family: unix |
A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nft_verdict_init() function, allowing positive values as a drop error within the hook verdict, therefore, the nf_hook_slow() function can cause a double-free vulnerability when NF_DROP is issued with a drop error that resembles NF_ACCEPT. The nf_tables component can be exploited to achieve local privilege escalation.
Platform: |
Red Hat Enterprise Linux 9 |