{"id":"CVE-2023-1829","details":"A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.","modified":"2026-03-15T22:46:23.111581Z","published":"2023-04-12T12:15:07.080Z","related":["ALSA-2023:4517","ALSA-2023:4541","MGASA-2023-0148","MGASA-2023-0149","SUSE-SU-2023:2803-1","SUSE-SU-2023:2820-1","SUSE-SU-2023:2831-1","SUSE-SU-2023:2871-1","SUSE-SU-2023:2892-1","SUSE-SU-2023:3302-1","SUSE-SU-2023:3748-1","SUSE-SU-2023:3749-1","SUSE-SU-2023:3768-1","SUSE-SU-2023:3772-1","SUSE-SU-2023:3783-1","SUSE-SU-2023:3784-1","SUSE-SU-2023:3786-1","SUSE-SU-2023:3788-1","SUSE-SU-2023:3809-1","SUSE-SU-2023:3811-1","SUSE-SU-2023:3812-1","SUSE-SU-2023:3838-1","SUSE-SU-2023:3844-1","SUSE-SU-2023:3846-1","SUSE-SU-2023:3889-1","SUSE-SU-2023:3891-1","SUSE-SU-2023:3892-1","SUSE-SU-2023:3893-1","SUSE-SU-2023:3912-1","SUSE-SU-2023:3922-1","SUSE-SU-2023:3928-1","SUSE-SU-2023:4097-1","SUSE-SU-2023:4135-1","SUSE-SU-2023:4136-1","SUSE-SU-2023:4158-1","SUSE-SU-2023:4159-1","SUSE-SU-2023:4160-1","SUSE-SU-2023:4243-1","SUSE-SU-2023:4261-1","SUSE-SU-2023:4264-1","SUSE-SU-2023:4273-1","SUSE-SU-2023:4280-1","SUSE-SU-2023:4319-1","SUSE-SU-2023:4774-1","SUSE-SU-2023:4804-1","SUSE-SU-2023:4845-1","SUSE-SU-2024:0155-1","SUSE-SU-2024:0376-1","SUSE-SU-2024:0377-1","SUSE-SU-2024:0393-1","SUSE-SU-2024:0394-1","SUSE-SU-2024:0410-1","SUSE-SU-2024:0665-1","SUSE-SU-2024:0695-1","SUSE-SU-2024:1275-1","SUSE-SU-2024:1276-1","SUSE-SU-2024:1694-1","SUSE-SU-2024:1708-1","SUSE-SU-2024:1719-1","SUSE-SU-2024:1730-1","SUSE-SU-2024:1738-1","SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2120-1","SUSE-SU-2024:2121-1","SUSE-SU-2024:2130-1","SUSE-SU-2024:2139-1","SUSE-SU-2024:2147-1","SUSE-SU-2024:2148-1","SUSE-SU-2024:2149-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2343-1","SUSE-SU-2024:2344-1","SUSE-SU-2024:2351-1","SUSE-SU-2024:2357-1","SUSE-SU-2024:2369-1","SUSE-SU-2024:2373-1","SUSE-SU-2024:2558-1","SUSE-SU-2024:2559-1","SUSE-SU-2024:2740-1","SUSE-SU-2024:2755-1","SUSE-SU-2024:2758-1","SUSE-SU-2024:2759-1","SUSE-SU-2024:2773-1","SUSE-SU-2024:2792-1","SUSE-SU-2024:2821-1","SUSE-SU-2024:2822-1","SUSE-SU-2024:3015-1","SUSE-SU-2024:3034-1","SUSE-SU-2024:3037-1","SUSE-SU-2024:3039-1","SUSE-SU-2024:3043-1","SUSE-SU-2024:3044-1","SUSE-SU-2024:3048-1","SUSE-SU-2024:3642-1","SUSE-SU-2024:3649-1","SUSE-SU-2024:3651-1","SUSE-SU-2024:3652-1","SUSE-SU-2024:3662-1","SUSE-SU-2024:3663-1","SUSE-SU-2024:3685-1","SUSE-SU-2024:3796-1","SUSE-SU-2024:3798-1","SUSE-SU-2024:3803-1","SUSE-SU-2024:3814-1","SUSE-SU-2024:3820-1","SUSE-SU-2024:3821-1","SUSE-SU-2024:3849-1","SUSE-SU-2024:3854-1","SUSE-SU-2024:4180-1","SUSE-SU-2024:4226-1","SUSE-SU-2024:4242-1","SUSE-SU-2024:4249-1","SUSE-SU-2024:4250-1","SUSE-SU-2024:4256-1","SUSE-SU-2024:4263-1","SUSE-SU-2024:4264-1","SUSE-SU-2025:0091-1","SUSE-SU-2025:0101-1","SUSE-SU-2025:0103-1","SUSE-SU-2025:0106-1","SUSE-SU-2025:0137-1","SUSE-SU-2025:0238-1","SUSE-SU-2025:0240-1","SUSE-SU-2025:0244-1","openSUSE-SU-2024:13281-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230601-0001/"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c710f75256bb3cf05ac7b1672c82b92c43f3d28"},{"type":"FIX","url":"https://kernel.dance/#8c710f75256bb3cf05ac7b1672c82b92c43f3d28"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.14.308"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.276"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.235"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.173"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.100"}]},{"events":[{"introduced":"5.16"},{"fixed":"6.1.18"}]},{"events":[{"introduced":"6.2"},{"fixed":"6.2.5"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1829.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}