CVE-2023-4147: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-4147 is a use-after-free vulnerability discovered in the Linux kernel's Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. The vulnerability was discovered by Kevin Rich and fixed in Linux kernel version 6.5-rc4 (Kernel Commit). The vulnerability affects Linux kernel versions prior to 6.5-rc4 and has been assigned a CVSS score of 7.8 (HIGH) (NVD).

The vulnerability occurs in the Netfilter subsystem when adding a rule with NFTA_RULE_CHAIN_ID parameter. The issue stems from improper handling of chain binding transaction logic, which can lead to a use-after-free condition. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with low complexity and no user interaction needed (Red Hat).

Successful exploitation of this vulnerability allows a local user with the CAP_NET_ADMIN capability in any user or network namespace to crash the system or escalate their privileges (Red Hat). The vulnerability can lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS) (NetApp Advisory).

The vulnerability has been fixed in Linux kernel version 6.5-rc4 through a patch that disallows rule addition to bound chain via NFTA_RULE_CHAIN_ID (Kernel Commit). Various Linux distributions have released security updates to address this vulnerability, including Red Hat Enterprise Linux and Debian (Red Hat, Debian).