CVE-2023-52433

CWE-2736 documents6 sources
Severity
4.4MEDIUM
EPSS
0.0%
top 93.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux LinuxLinux Linux KernelNetapp Ontap Tools
Timeline
PublishedFeb 20

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel6.56.5.4
CVEListV5linux/linuxcb4d00b563675ba8ff6ef94b077f58d816f68ba39db9feb841f7449772f9393c16b9ef4536d8c127+8
Debianlinux< 6.5.6-1+1

Also affects: Ontap Tools 10, 9

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
CVEList
netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction2024-02-20
GHSA
GHSA-cmph-x6r4-4whr: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction e2024-02-20
OSV
CVE-2023-52433: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New e2024-02-20

📋Vendor Advisories

2
Red Hat
kernel: nf_tables: nft_set_rbtree skip sync GC for new elements in this transaction2024-02-20
Debian
CVE-2023-52433: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ...2023
CVE-2023-52433 (MEDIUM CVSS 4.4) | In the Linux kernel | cvebase.io