
CVE-2024-0193

Severity: High (updated)
Published: 02 January 2024
Modified: 05 June 2026
CISA KEV: not listed
CVSS v3.1: 7.8 (High), vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.0014 (34.1st percentile)
Risk priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-0193 is a high-severity use-after-free (CWE-416) in the netfilter (nf_tables) subsystem of the Linux kernel; the affected products tracked on this page are Red Hat Enterprise Linux 9 variants, including RHEL for IBM Z Systems. Its CVSS v3.1 base score is 7.8 (High): local attack vector, low attack complexity, low privileges required, no user interaction, with high impact on confidentiality, integrity and availability.

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). EPSS ranks it at the 34.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.


Vulnerability details

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.

Each deactivation releases the element's reference to the chain or object it points at, so deactivating the same element twice drops that reference one time too many and the chain or object can be freed while the set element still points at it. The CAP_NET_ADMIN precondition is weaker than it sounds: on kernels that allow unprivileged user namespaces, any local user can hold CAP_NET_ADMIN over a network namespace of their own (for example via unshare -Urn), and nf_tables is reachable from there. That is why nf_tables bugs of this kind are treated as privilege escalation from an ordinary local account.

CWE(s)

CWE-416 Use After Free

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-assisted mapping)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

A use-after-free in the Linux kernel's netfilter (nftables) subsystem lets a local user holding CAP_NET_ADMIN, which an otherwise unprivileged user can obtain through an unprivileged user namespace, escalate privileges by exploiting the freed chain or object.

Affected Assets

Vendor / product: versions (as listed in NVD)

redhat / codeready linux builder for eus: 9.2, 9.4, 9.6
redhat / codeready linux builder for ibm z systems eus: 9.2_s390x, 9.4_s390x, 9.6_s390x
redhat / codeready linux builder for power little endian eus: 9.2, 9.4_ppc64le, 9.6_ppc64le
redhat / enterprise linux: 9.0, 9.2
redhat / enterprise linux for els: 9.2, 9.4, 9.6
redhat / enterprise linux for eus: 9.2, 9.4, 9.6
redhat / enterprise linux for ibm z systems: 9.0_s390x, 9.2_s390x, 9.4_s390x, 9.6_s390x
redhat / enterprise linux for ibm z systems els: 9.2, 9.4_s390x, 9.6_s390x
redhat / enterprise linux for ibm z systems eus: 9.2, 9.4_s390x, 9.6_s390x
redhat / enterprise linux for power little endian els: 9.2, 9.4_ppc64le, 9.6_ppc64le
+12 more product configuration(s); see NVD for the full list

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-416

Non-executable pages and ASLR block or significantly harden user-space use-after-free exploits that aim at arbitrary code execution. That CWE-level mapping is a poor fit here, because the exploit runs in kernel context: KASLR and allocator hardening (for example CONFIG_SLAB_FREELIST_HARDENED and init_on_free) raise the cost of exploitation but do not remove the flaw. The controls that matter for this CVE are, in order: install the vendor kernel update and reboot; until that is done, either deny unprivileged users the CAP_NET_ADMIN precondition by disabling unprivileged user namespaces (sysctl user.max_user_namespaces=0, at the cost of rootless containers and other tools that need them), or prevent the nf_tables module from loading (an "install nf_tables /bin/false" line under /etc/modprobe.d, at the cost of nftables and firewalld on that host; a module that is already loaded stays reachable until reboot). Neither stopgap protects against a caller that already holds CAP_NET_ADMIN, such as a container started with NET_ADMIN or a sudo rule for network tooling.
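The two preconditions the description and the T1068 mapping rely on (a local user reaching nf_tables while holding CAP_NET_ADMIN, in practice through an unprivileged user namespace) can be checked on a host. The script below is an added example, not part of the advisory and not Red Hat's guidance. It assumes the upstream sysctl user.max_user_namespaces and the modprobe.d "install" mechanism; the /proc/modules and modprobe.d lines in demo() are constructed sample input. It does not decide whether the running kernel is patched, which has to come from the vendor errata.

```shell
#!/bin/sh
# Exposure check for CVE-2024-0193 (nf_tables catchall/pipapo use-after-free).
# Added example, not from the advisory or from Red Hat. It reports whether the two
# preconditions for exploitation by an unprivileged local user are present and
# prints the settings that close each one. Patch status is out of scope.

# Precondition 1: unprivileged user namespaces. `unshare -Urn` gives the caller
# CAP_NET_ADMIN over a new network namespace, which is all nf_tables requires.
# user.max_user_namespaces=0 refuses user namespace creation for everyone.
classify_userns() {
    case "$1" in
        0)           echo "disabled" ;;
        ''|*[!0-9]*) echo "unknown"  ;;   # sysctl absent (non-Linux, /proc not mounted)
        *)           echo "enabled"  ;;
    esac
}

# Precondition 2: the nf_tables module. $1 is the text of /proc/modules, $2 the
# concatenated /etc/modprobe.d/*.conf. Only an "install nf_tables /bin/false"
# (or /bin/true) line blocks loading: a "blacklist" line only stops alias autoload
# by `modprobe -b`, not the kernel's request_module() triggered by nft(8). A module
# that is already loaded stays reachable whatever modprobe.d says. A kernel built
# with CONFIG_NF_TABLES=y has no module at all; check modules.builtin in that case.
nf_tables_state() {
    modules="$1"; modprobe_conf="$2"
    if printf '%s\n' "$modules" | grep -Eq '^nf_tables[[:space:]]'; then
        echo "loaded"
    elif printf '%s\n' "$modprobe_conf" |
         grep -Eq '^[[:space:]]*install[[:space:]]+nf_tables[[:space:]]+/bin/(false|true)([[:space:]]|$)'; then
        echo "blocked"
    else
        echo "loadable"
    fi
}

# Combine the two. Closing either one removes the unprivileged path; a caller that
# already holds CAP_NET_ADMIN (container with --cap-add NET_ADMIN, sudo rule for
# ip/nft) only needs the module, so "reduced" is not "fixed".
exposure() {
    userns="$1"; module="$2"
    if [ "$module" = "blocked" ]; then
        echo "closed"
    elif [ "$userns" = "disabled" ]; then
        echo "reduced"
    else
        echo "exposed"
    fi
}

# Live report for the current host; reads are tolerant of a missing /proc.
report() {
    userns=$(classify_userns "$(cat /proc/sys/user/max_user_namespaces 2>/dev/null)")
    module=$(nf_tables_state "$(cat /proc/modules 2>/dev/null)" \
                             "$(cat /etc/modprobe.d/*.conf 2>/dev/null)")
    printf 'kernel %s: user namespaces %s, nf_tables %s -> %s\n' \
        "$(uname -r 2>/dev/null || echo unknown)" "$userns" "$module" \
        "$(exposure "$userns" "$module")"
    cat <<'EOF'
Controls, strongest first (the first is the fix; the others are stopgaps with side effects):
  1. install the vendor kernel update and reboot
  2. echo 'install nf_tables /bin/false' > /etc/modprobe.d/disable-nf_tables.conf
     (breaks nftables and firewalld on this host; reboot or rmmod if already loaded)
  3. sysctl -w user.max_user_namespaces=0 (persist under /etc/sysctl.d);
     breaks rootless containers and other tools that rely on user namespaces
EOF
}

# Constructed sample inputs, to show the classification without touching /proc.
demo() {
    sample_modules='nf_tables 372736 7 nft_fib_inet,nft_compat, Live 0x0000000000000000'
    sample_conf='blacklist nf_tables'        # does not block kernel-initiated loads
    a_userns=$(classify_userns 15000)
    a_module=$(nf_tables_state "$sample_modules" "$sample_conf")
    printf 'sample A (userns %s, nf_tables %s): %s\n' "$a_userns" "$a_module" \
        "$(exposure "$a_userns" "$a_module")"
    b_userns=$(classify_userns 0)
    b_module=$(nf_tables_state '' 'install nf_tables /bin/false')
    printf 'sample B (userns %s, nf_tables %s): %s\n' "$b_userns" "$b_module" \
        "$(exposure "$b_userns" "$b_module")"
}

demo
report
```

Sample A prints "exposed" (module already loaded, user namespaces allowed, the blacklist line is irrelevant); sample B prints "closed". Run the script as any user; the live report needs no privileges because it only reads /proc and modprobe.d.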
