Does vulnerability CVE-2023-32233 impact the Messaging Gateway?

search cancel

Does vulnerability CVE-2023-32233 impact the Messaging Gateway?

book

Article ID: 266355

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

CVE-2023-32233 - kernel memory use after free

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory.

Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

Is Symantec Messaging Gateway affected by CVE-2023-32233 ?

Environment

Release : 10.8.0 and earlier

Resolution

The CVE-2023-32233 vulnerability cannot be exploited in SMG version 10.8.0 and earlier.

Additional Information

Please see

https://seclists.org/oss-sec/2023/q2/159
https://nvd.nist.gov/vuln/detail/CVE-2023-32233

Feedback

thumb_up Yes

thumb_down No