
CVE-2023-4004

Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()

Published: 7/31/2023 Last updated: 11/8/2025 Reserved: 7/30/2023

A use-after-free flaw was found in the Linux kernel's netfilter subsystem in the way a user triggers the nft_pipapo_remove function with an element that has no NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.8 | High | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (47)

| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | <= * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | 6.0(2)A6(7) |
| Red Hat Enterprise Linux 9 | Red Hat | 7.0(3)I7(2) |
| Red Hat Enterprise Linux 9 | Red Hat | 6.2(5a) |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 6.2(18) |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | Red Hat | <= 8.98.8 |
| Red Hat Enterprise Linux 6 | Red Hat | 1.05B01 |
| Red Hat Enterprise Linux 7 | Red Hat | 6.0(2)A6(5) |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | Red Hat | <= 1.5.121 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | Windows RT 8.1 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | 6.2(5b) |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | Red Hat | < 16.0.1115.1 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | 7.3(3)N1(1) |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | 12.2.1.4.0 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | n/a |
| Red Hat Enterprise Linux 9 | Red Hat | 5.1.2 |
| Red Hat Enterprise Linux 9 | Red Hat | < 3.2.1 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 3.5.0 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | Red Hat | 6.0(2)U6(3) |
| Red Hat Enterprise Linux 6 | Red Hat | n/a |
| Red Hat Enterprise Linux 7 | Red Hat | 7.0(3)I7(1) |
| Red Hat Enterprise Linux 8 | Red Hat | <= 2.0.0 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | Red Hat | 7.0(3)F3(5) |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | <= 5.10.* |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | n/a |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | Red Hat | <= 5.14.* |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | 7.1(3)N1(3) |
| Red Hat Enterprise Linux 9 | Red Hat | <= 7.2.1 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 2.2 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | <= 1.9.1 |
| Red Hat Enterprise Linux 9 | Red Hat | n/a |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | >= 2.2.0, < 2.2.3 |
| Red Hat Enterprise Linux 8 | Red Hat | 6.0(2)U6(5) |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | <= 4.0.13 |
| Red Hat Enterprise Linux 8 | Red Hat | >= 27.0.0, < 27.0.1 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | 11.3.0 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 6.2(13b) |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | n/a |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | n/a |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | 7.1(2)N1(1) |
| Red Hat Enterprise Linux 8 | Red Hat | gstreamer-plugins-good 1.18.4 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | 4.0 |
| Red Hat Enterprise Linux 8 | Red Hat | < 5.7 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | 8.2(3) |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | 6.0(2)A8(3) |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | <= 6.3.5 |
| Red Hat Enterprise Linux 9 | Red Hat | 3.2 |

References (92)