CVE-2023-4147
Kernel: netfilter: nf_tables_newrule when adding a rule with nfta_rule_chain_id leads to use-after-free
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system.
| CWE | CWE-416 |
| Vendor | red hat |
| Product | red hat enterprise linux 9 |
| Published | Aug 7, 2023 |
| Last Updated | Feb 25, 2026 |
Stay Ahead of the Next One
Get instant alerts for red hat red hat enterprise linux 9
Be the first to know when new high vulnerabilities affecting red hat red hat enterprise linux 9 are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9.0 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 9.0 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 9.0 Extended Update Support
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected References
access.redhat.com: https://access.redhat.com/errata/RHSA-2023:5069 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:5091 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:5093 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:7382 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:7389 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:7411 access.redhat.com: https://access.redhat.com/security/cve/CVE-2023-4147 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2225239 git.kernel.org: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0ebc1064e4874d5987722a2ddbc18f94aa53b211 spinics.net: https://www.spinics.net/lists/stable/msg671573.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html security.netapp.com: https://security.netapp.com/advisory/ntap-20231020-0006/ debian.org: https://www.debian.org/security/2023/dsa-5480 debian.org: https://www.debian.org/security/2023/dsa-5492