May 24, 2024

Taylor Daily Press

Complete News World

The vulnerability gives Netfilter attackers free access to the Linux kernel

The vulnerability gives Netfilter attackers free access to the Linux kernel

Security researchers have discovered a vulnerability in Linux Netfilter that could give attackers root privileges. More information will be published on May 15th.

The vulnerability number has already been assigned (CVE-2023-32233), but there is not yet a score for expressing seriousness in a number out of ten. Netfilter is the part of the Linux kernel that organizes network connections. The vulnerability is believed to be caused by a flaw in the framework that causes Netfilter to accept invalid updates for its configuration.

It allows attackers to develop invalid batch requests that can lead to system corruption which can give attackers free access to the Linux kernel. Once successful, they can read and rewrite the memory in the kernel, taking over the entire system. The vulnerability affects several kernel versions, including the latest stable v6.3.1. Local access to a Linux machine is required to exploit the vulnerability.

More information on May 15th

More information is not yet known about the CVE-2023-32233 vulnerability. The Linux development team has just been briefed, and it is customary to refrain from publicly disclosing the vulnerability to give developers a head start against attackers in creating a fix. On May 15, the researchers will publish their results and proof of concept.

A kernel contribution has been introduced with two new Netfilter functions to manage the lifecycle of anonymous collections. Deactivating anonymous groups in time should prevent Netfilter from accepting invalid updates and malicious people from entering the kernel. This would give impetus to the development of the patch.