{"id":"CVE-2023-3610","details":"A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nFlaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP_NET_ADMIN to be triggered.\n\nWe recommend upgrading past commit 4bedf9eee016286c835e3d8fa981ddece5338795.","modified":"2026-03-13T07:39:09.696186Z","published":"2023-07-21T21:15:11.820Z","related":["ALSA-2023:5069","ALSA-2023:5091","SUSE-SU-2023:3599-1","SUSE-SU-2023:3599-2","SUSE-SU-2023:3600-1","SUSE-SU-2023:3600-2","SUSE-SU-2023:3656-1","SUSE-SU-2023:3682-1","SUSE-SU-2023:3964-1","SUSE-SU-2023:3969-1","SUSE-SU-2023:3971-1","SUSE-SU-2023:3988-1","SUSE-SU-2023:4766-1","SUSE-SU-2023:4805-1","SUSE-SU-2023:4822-1","SUSE-SU-2023:4841-1","SUSE-SU-2023:4848-1","SUSE-SU-2023:4849-1","SUSE-SU-2023:4872-1","SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3483-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230818-0005/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5461"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4bedf9eee016286c835e3d8fa981ddece5338795"},{"type":"FIX","url":"https://kernel.dance/4bedf9eee016286c835e3d8fa981ddece5338795"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.9"},{"fixed":"5.10.188"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.119"}]},{"events":[{"introduced":"5.16"},{"fixed":"6.1.36"}]},{"events":[{"introduced":"6.2"},{"fixed":"6.3.10"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3610.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}