A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
The CVE-2023–32233 identifier has been reserved for the vulnerability, but a severity level is yet to be determined.
The security problem stems from Netfilter nf_tables accepting invalid updates to its configuration, allowing specific scenarios where invalid batch requests lead to the corruption of the subsystem’s internal state.
Leave a reply