PoC Exploit Published for Linux Kernel Privilege Escalation Flaw


Summary: Security researchers have disclosed a critical vulnerability (CVE-2023-4147) in the Linux Kernel that allows attackers to escalate privileges, posing a significant threat to system security. The flaw, which has a CVSS score of 7.8, is a use-after-free vulnerability within the Netfilter framework, essential for network packet filtering in Linux.

Threat Actor: Unknown
Victim: Linux Kernel Users

Key Points:

  • The vulnerability allows authenticated attackers to exploit a use-after-free flaw in the Netfilter framework.
  • A proof-of-concept exploit has been published, increasing the urgency for users to patch their systems.
  • The affected Linux Kernel versions range from v5.9-rc1 to v6.5-rc3.
  • Users are strongly advised to update to the latest patched versions to mitigate risks.

Security researchers published the technical details and a proof-of-concept (PoC) exploit for the CVE-2023-4147 flaw in the Linux Kernel, which potentially allows attackers to escalate privileges and compromise system security. The vulnerability, with a CVSS score of 7.8, is a use-after-free flaw within the Netfilter functionality, a critical component of the Linux firewall system.

The vulnerability is a use-after-free (UAF) flaw in the Linux Netfilter framework, specifically within the handling of NFTA_RULE_CHAIN_ID when adding rules. Netfilter, a key subsystem for network packet filtering, firewalling, and Network Address Translation (NAT), is central to many Linux distributions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges or cause the system to crash.

Normally, adding a new rule to a bound chain is disallowed by nf_tables_newrule. However, when a rule is added with the target chain identified via NFTA_RULE_CHAIN_ID, it is added to the bound chain anyway, bypassing the intended restriction.

This inconsistency creates a scenario where a chain with the NFT_CHAIN_BINDING flag set can be bound to an immediate expression. When this expression is destroyed, the bound chain and its rules are also destroyed, leading to a use-after-free situation.
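To make the inconsistency concrete, here is an added, simplified C model of the two rule-addition paths. It is illustrative code written for this page, not the kernel's nf_tables_newrule: the function names, the constructed chain table, the flag value and the error codes are assumptions chosen to mirror the description above. The by-name path refuses a bound chain, the by-id path in the vulnerable version does not, and the hardened version applies the same bound-chain check regardless of how the chain was looked up, which is the shape of the corrective change.

```c
/* Added illustration (not kernel code): a simplified model of the
 * nf_tables_newrule() inconsistency described for CVE-2023-4147.
 * Two lookup paths exist for the target chain: by name (NFTA_RULE_CHAIN)
 * and by numeric id (NFTA_RULE_CHAIN_ID). Names, the chain table, the
 * flag value and error codes below are modelling assumptions. */
#include <stddef.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>

#define NFT_CHAIN_BINDING (1 << 2)   /* flag value is a modelling assumption */
#define MAX_RULES 8

struct chain {
    const char *name;
    unsigned int id;
    unsigned int flags;
    int nrules;
};

/* Constructed table: one ordinary chain and one bound (anonymous) chain. */
static struct chain chains[] = {
    { "input",     1, 0,                 0 },
    { "__bound_0", 2, NFT_CHAIN_BINDING, 0 },
};

static int chain_is_bound(const struct chain *c)
{
    return (c->flags & NFT_CHAIN_BINDING) != 0;
}

static struct chain *lookup_by_name(const char *name)
{
    for (size_t i = 0; i < sizeof chains / sizeof chains[0]; i++)
        if (strcmp(chains[i].name, name) == 0)
            return &chains[i];
    return NULL;
}

static struct chain *lookup_by_id(unsigned int id)
{
    for (size_t i = 0; i < sizeof chains / sizeof chains[0]; i++)
        if (chains[i].id == id)
            return &chains[i];
    return NULL;
}

/* Model of the vulnerable logic: only the by-name path refuses bound
 * chains; the by-id path adds the rule unconditionally.
 * Returns 0 on success or a negative errno. */
int newrule_vulnerable(const char *name, unsigned int id)
{
    struct chain *c;
    if (name) {
        c = lookup_by_name(name);
        if (!c) return -ENOENT;
        if (chain_is_bound(c)) return -EOPNOTSUPP;
    } else {
        c = lookup_by_id(id);
        if (!c) return -ENOENT;
        /* missing here: the bound-chain check applied on the name path */
    }
    if (c->nrules >= MAX_RULES) return -ENOSPC;
    c->nrules++;
    return 0;
}

/* Hardened model: the bound-chain check runs after the lookup, so both
 * attribute paths behave consistently. */
int newrule_fixed(const char *name, unsigned int id)
{
    struct chain *c = name ? lookup_by_name(name) : lookup_by_id(id);
    if (!c) return -ENOENT;
    if (chain_is_bound(c)) return -EOPNOTSUPP;
    if (c->nrules >= MAX_RULES) return -ENOSPC;
    c->nrules++;
    return 0;
}

/* How many rules the bound chain currently holds (should stay 0 when
 * only the hardened path is used). */
int bound_chain_rule_count(void)
{
    return lookup_by_id(2)->nrules;
}

int main(void)
{
    printf("vulnerable, by name : %d\n", newrule_vulnerable("__bound_0", 0));
    printf("vulnerable, by id   : %d\n", newrule_vulnerable(NULL, 2));
    printf("fixed, by id        : %d\n", newrule_fixed(NULL, 2));
    printf("rules on bound chain: %d\n", bound_chain_rule_count());
    return 0;
}
```

The vulnerable model accepts a rule into the bound chain only when the chain is named by id, which is exactly the inconsistency that later lets the chain and its rules be freed while still referenced; the fixed model returns the same error on both paths.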

A proof-of-concept (PoC) exploit for CVE-2023-4147 has been published on GitHub, increasing the urgency for patching. The availability of exploit code lowers the barrier for attackers to develop real-world exploits, amplifying the risk to unpatched systems.

The vulnerability affects Linux Kernel versions v5.9-rc1 to v6.5-rc3. Users and administrators are strongly advised to update their systems to the latest patched versions to mitigate the risk of exploitation.


Source:
https://securityonline.info/linux-kernel-vulnerability-cve-2023-4147-poc-exploit-published-for-privilege-escalation-flaw