Pending AI Enrichment

This vulnerability was recently detected via the live feed and has not yet been processed by Precogs AI's context enrichment engine. The data below represents raw telemetric data.

RAW NVD TELEMETRY

CVE-2023-4623

CVSS Base Score

7.8 HIGH

Primary Weakness

CWE-416

Published Date

Sep 6, 2023

Data Source

NVD API

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free. We recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.

Related Vulnerabilitiesvia CWE-416

View all CWE-416 vulnerabilities →

Explore Precogs Intelligence

●The Vulnerability Hub ●AI-Generated Code Exploits ●Enterprise Security Guides ●OWASP Top 10 Taxonomy