CVE-2023-1829

HIGH

Linux Kernel - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-1829. PoCs published by lanleft.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2023-1829, targeting a Linux kernel vulnerability. The exploit leverages netlink operations to achieve local privilege escalation (LPE) by manipulating traffic control (tc) filters and actions.

Description

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

Exploits (1)

nomisec WORKING POC 73 stars
by lanleft · poc
https://github.com/lanleft/CVE-2023-1829

This repository contains a proof-of-concept exploit for CVE-2023-1829, targeting a Linux kernel vulnerability. The exploit leverages netlink operations to achieve local privilege escalation (LPE) by manipulating traffic control (tc) filters and actions.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Linux kernel 5.15.0-25.25 (Ubuntu 22.04)
No auth needed
Prerequisites: Linux kernel 5.15.0-25.25 · libnftnl-dev and libmnl-dev dependencies · Netlink access
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 7.8
EPSS 0.0103
EPSS Percentile 59.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-416
Status published
Products (1)
linux/linux_kernel < 4.14.308
Published Apr 12, 2023
Tracked Since Feb 18, 2026