Linux Kernel Vulnerabilities Affect nftables and the tcindex Module

Three vulnerabilities were identified in the Linux kernel:

CVE-2023-31248 is a vulnerability in the Netfilter subsystem of the Linux kernel that allows a local user to execute code at the kernel level. It is a use-after-free memory access in the nf_tables module, which implements the nftables packet filter. The cause is a missing check of the chain's state when a chain is looked up by ID: the nft_chain_lookup_byid function may return a reference to an nf_tables chain that has already been removed. An attack requires access to nftables, which can be obtained with CAP_NET_ADMIN rights in any user or network namespace, for example inside isolated containers. The vulnerability is present from kernel version 5.9 onwards. The problem is currently resolved through patches.

CVE-2023-35001 is a vulnerability in the nf_tables module of the Linux kernel that allows a local user to execute code at the kernel level. It is caused by incorrect pointer manipulation when processing nft_byteorder expressions, which leads to memory access beyond the end of an array. CAP_NET_ADMIN rights are required to exploit it. The issue is present from kernel version 3.13 and is currently resolved through patches.
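A quick host triage for the two nf_tables issues above, as an added example that is not from the original article: it compares a kernel release against the "affected since" versions given here (5.9 and 3.13), checks whether nf_tables is loaded, and checks whether unprivileged user namespaces, the route to CAP_NET_ADMIN mentioned above, are open. The function names are this example's own, `kernel.unprivileged_userns_clone` is assumed to exist only on Debian/Ubuntu-style kernels, and a kernel in range may already carry a vendor backport, so confirm against your distribution's advisory.

```shell
#!/bin/sh
# Exposure triage for CVE-2023-31248 and CVE-2023-35001 (added example).
# Reports exposure factors only; it cannot detect a vendor-backported fix.

# version_ge A B -> success if kernel release A >= B (major.minor compared).
version_ge() {
    a_major=${1%%.*}; a_rest=${1#*.}; a_minor=${a_rest%%[!0-9]*}
    b_major=${2%%.*}; b_rest=${2#*.}; b_minor=${b_rest%%[!0-9]*}
    [ "$a_major" -gt "$b_major" ] && return 0
    [ "$a_major" -eq "$b_major" ] && [ "${a_minor:-0}" -ge "${b_minor:-0}" ]
}

# affected_cves KVER -> prints the CVE ids whose "affected since" version,
# as stated in the article, is <= KVER.
affected_cves() {
    out=""
    version_ge "$1" 5.9  && out="$out CVE-2023-31248"
    version_ge "$1" 3.13 && out="$out CVE-2023-35001"
    echo "${out# }"
}

# module_loaded NAME [FILE] -> success if NAME is listed in /proc/modules.
# Code built into the kernel image does not appear there.
module_loaded() {
    grep -q "^$1 " "${2:-/proc/modules}" 2>/dev/null
}

# userns_open [SYSCTL_ROOT] -> success if unprivileged users can create user
# namespaces. A missing sysctl file is treated as "not restricted".
userns_open() {
    root=${1:-/proc/sys}
    max=$(cat "$root/user/max_user_namespaces" 2>/dev/null || echo 1)
    clone=$(cat "$root/kernel/unprivileged_userns_clone" 2>/dev/null || echo 1)
    [ "$max" -gt 0 ] && [ "$clone" -ne 0 ]
}

# report [KVER] -> human-readable summary for this host (or a given release).
report() {
    kver=${1:-$(uname -r)}
    echo "kernel $kver is in the affected range for: $(affected_cves "$kver")"
    module_loaded nf_tables && echo "nf_tables module is loaded"
    userns_open && echo "unprivileged user namespaces are available"
    return 0
}

report
```

If user namespaces are reported as available and the kernel is in range, restricting them or blocking the nf_tables module reduces exposure until the patched kernel is installed.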

CVE-2023-1829 is a vulnerability in the tcindex traffic classifier, which is part of the Linux QoS (Quality of Service) subsystem. It allows a local user to execute code at the kernel level. The vulnerability has been demonstrated in Ubuntu. The issue is caused by the absence of a check for the existence of an object before cleaning the associated memory, leading to a double call of the free() function. The problem is resolved by removing the tcindex module from the
