CVE-2023-42753: An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array…

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

Affected

34 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	linux	< linux 6.1.55-1 (bookworm)	linux 6.1.55-1 (bookworm)
google	chrome_chrome	—	—
linux	linux_kernel	>= 0 < 5.10.197-1	5.10.197-1
linux	linux_kernel	>= 0 < 6.1.55-1	6.1.55-1
linux	linux_kernel	>= 0 < 6.5.3-1	6.5.3-1
linux	linux_kernel	>= 0 < 6.5.3-1	6.5.3-1
linux	linux_kernel	>= 0 < 5.4.0-165.182	5.4.0-165.182
linux	linux_kernel	>= 0 < 5.15.0-87.97	5.15.0-87.97
linux	linux_kernel	>= 0 < 4.4.0-246.280	4.4.0-246.280
linux	linux_kernel	>= 0 < 4.15.0-219.230	4.15.0-219.230
linux	linux_kernel	>= 0 < 5.4.0-165.182	5.4.0-165.182
linux	linux_kernel	>= 0 < 5.15.0-87.97	5.15.0-87.97
linux	linux_kernel	>= 4.14.84 < 4.15	4.15
linux	linux_kernel	>= 4.19.5 < 4.19.295	4.19.295
linux	linux_kernel	>= 4.20 < 5.4.257	5.4.257
linux	linux_kernel	>= 4.4.165 < 4.5	4.5
linux	linux_kernel	>= 4.9.141 < 4.10	4.10
linux	linux_kernel	>= 5.11 < 5.15.132	5.15.132
linux	linux_kernel	>= 5.16 < 6.1.53	6.1.53
linux	linux_kernel	>= 5.5 < 5.10.195	5.10.195
linux	linux_kernel	>= 6.2 < 6.4.16	6.4.16
linux	linux_kernel	>= 6.5 < 6.5.3	6.5.3
msrc	cbl2_hyperv-daemons_5.15.133.1-1_on_cbl_mariner_2.0	—	—
msrc	cbl2_kernel_5.15.135.1-2_on_cbl_mariner_2.0	—	—

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

osv7.8HIGH