Summary: Security researcher liona24 has analyzed CVE-2024-27397, a critical use-after-free vulnerability in the Linux kernel’s netfilter nf_tables component, which can lead to local privilege escalation. The flaw affects kernel versions 4.1 through 6.8 and has a CVSS score of 7.0, necessitating immediate updates to mitigate risks.
Threat Actor: Local attackers
Victim: Linux kernel users
Key Points:
- The vulnerability is rooted in the handling of timeouts for elements within NFT sets, leading to potential use-after-free conditions.
- Attackers can exploit the flaw by manipulating reference counts during rollback operations involving expired elements.
- The exploitation method has shown a 90%-100% success rate when ASLR is bypassed.
- This vulnerability was introduced in commit c3e1b005ed1c and has been patched in commit 7395dfacfff65e9938ac0889dafa1ab01e987d15.
- Users are strongly advised to update to the latest kernel versions to mitigate this risk.
The full technical details and a proof-of-concept (PoC) exploit code for CVE-2024-27397 are available on GitHub.