CVE-2023-31248 Information

Description

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nft_chain_lookup_byid() failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

Reference

https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/ https://www.openwall.com/lists/oss-security/2023/07/05/2 http://www.openwall.com/lists/oss-security/2023/07/05/2