{"id":"CVE-2023-1281","details":"Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root.\nThis issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.","modified":"2026-03-14T12:01:01.641297Z","published":"2023-03-22T14:15:16.090Z","related":["ALSA-2023:4517","ALSA-2023:4541","SUSE-SU-2023:1800-1","SUSE-SU-2023:1801-1","SUSE-SU-2023:1802-1","SUSE-SU-2023:1803-1","SUSE-SU-2023:1811-1","SUSE-SU-2023:1848-1","SUSE-SU-2023:1892-1","SUSE-SU-2023:1894-1","SUSE-SU-2023:1897-1","SUSE-SU-2023:1992-1","SUSE-SU-2023:2369-1","SUSE-SU-2023:2371-1","SUSE-SU-2023:2376-1","SUSE-SU-2023:2384-1","SUSE-SU-2023:2389-1","SUSE-SU-2023:2399-1","SUSE-SU-2023:2405-1","SUSE-SU-2023:2415-1","SUSE-SU-2023:2416-1","SUSE-SU-2023:2423-1","SUSE-SU-2023:2425-1","SUSE-SU-2023:2431-1","SUSE-SU-2023:2442-1","SUSE-SU-2023:2443-1","SUSE-SU-2023:2448-1","SUSE-SU-2023:2453-1","SUSE-SU-2023:2455-1","SUSE-SU-2023:2459-1","SUSE-SU-2023:2468-1","SUSE-SU-2023:4273-1","SUSE-SU-2023:4280-1","SUSE-SU-2023:4319-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230427-0004/"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2"},{"type":"FIX","url":"https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2023/04/11/3"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.14"},{"fixed":"5.10.169"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.95"}]},{"events":[{"introduced":"5.16"},{"fixed":"6.1.13"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc6"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc7"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2-rc8"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1281.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}