CVE-2023-4921

A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq_dequeue() due to the incorrect .peek handler of sch_plug and lack of error checking in agg_dequeue(). We recommend upgrading past commit 8fc134fee27f2263988ae38920bc03da416b03d8.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8fc134fee27f2263988ae38920bc03da416b03d8 - Exploit, Mailing List, Patch, Vendor Advisory () https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8fc134fee27f2263988ae38920bc03da416b03d8 - Exploit, Mailing List, Patch, Vendor Advisory
References () https://kernel.dance/8fc134fee27f2263988ae38920bc03da416b03d8 - Exploit, Patch, Vendor Advisory () https://kernel.dance/8fc134fee27f2263988ae38920bc03da416b03d8 - Exploit, Patch, Vendor Advisory
References () https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html - Mailing List, Third Party Advisory

26 Aug 2024, 16:06

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-12 20:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-4921

Mitre link : CVE-2023-4921

CVE.ORG link : CVE-2023-4921


JSON object : View

Products Affected

debian

  • debian_linux

linux

  • linux_kernel
CWE
CWE-416

Use After Free