VDB

CISA-2020-36694

CISA-2020-36694 PUBLISHED CVSS 6.7 MEDIUM

Reported by mitre · Published May 21, 2023

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.

Risk Scores

CVSS 3.1
6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
n/an/an/a
n/an/an/a, n/a

Timeline

  • May 21, 2023 CVE Published
  • Jan 31, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›