ГлавнаяУязвимости → CVE-2024-0193
7.8высокая

CVE-2024-0193

→ есть в БДУ: BDU:2024-00096 (на русском)
Описание (на английском; русское — в БДУ выше)

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

Затрагиваемое ПО
Redhat Codeready linux builder for eusRedhat Codeready linux builder for ibm z systems eusRedhat Codeready linux builder for power little endian eusRedhat Enterprise linuxRedhat Enterprise linux for elsRedhat Enterprise linux for eusRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems elsRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endian elsRedhat Enterprise linux for power little endian eusRedhat Enterprise linux for update services for sap solutionsRedhat Enterprise linux server ausRedhat Enterprise linux server for power little endian update services for sap solutionsRedhat Codeready linux builderRedhat Codeready linux builder for ibm z systemsRedhat Codeready linux builder for power little endianRedhat Enterprise linux for arm 64Redhat Enterprise linux for arm 64 elsRedhat Enterprise linux for arm 64 eusLinux Linux kernelRedhat Openshift loggingRedhat Enterprise linux for power little endian
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2024:1018https://access.redhat.com/errata/RHSA-2024:1019https://access.redhat.com/errata/RHSA-2024:1248https://access.redhat.com/errata/RHSA-2024:2094https://access.redhat.com/errata/RHSA-2024:4412https://access.redhat.com/errata/RHSA-2024:4415https://access.redhat.com/security/cve/CVE-2024-0193https://bugzilla.redhat.com/show_bug.cgi?id=2255653