CVE-2023-5197: 
Linux Kernel vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2023-5197) was discovered in the Linux kernel's netfilter: nf_tables component. The vulnerability was discovered by Kevin Rich and disclosed on September 27, 2023. The issue affects Linux kernel versions from 5.9.0 up to (excluding) 6.6, specifically in the netfilter subsystem's handling of rule removal from chain bindings (NVD).

The vulnerability occurs when addition and removal of rules from chain bindings within the same transaction leads to a use-after-free condition. Chain binding only requires rule addition/insertion command within the same transaction, and removal of rules from chain bindings within the same transaction was found to be problematic. The issue has been assigned a CVSS v3.1 base score of 6.6 (Medium) by NIST and 7.8 (High) by Google Inc. The vulnerability is tracked as CWE-416 (Use After Free) (NVD, Kernel Patch).

The vulnerability can be exploited to achieve local privilege escalation. A local attacker with the CAP_NET_ADMIN capability in any user or network namespace could potentially exploit this vulnerability to cause a denial of service (system crash) or execute arbitrary code (Debian Notice).

The vulnerability has been fixed in Linux kernel commit f15f29fd4779be8a418b66e9d52979bb6d6c2325. The fix involves disallowing rule removal from chain binding and replacing nft_chain_is_bound() check with nft_chain_binding() in rule deletion commands. Users are recommended to upgrade their systems to kernel versions containing this fix (Kernel Patch).