CVE-2023-53549Improper Locking in Linux

CWE-667Improper LockingCWE-1050Excessive Platform Resource Consumption within a Loop5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 98.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When adding/deleting large number of elements in one step in ipset, it can take a reasonable amount of time and can result in soft lockup errors. The patch 5f7b51bf09ba ("netfilter: ipset: Limit the maximal range of consecutive elements to add/delete") tried to fix it by limiting the max elements to process at all. However it was not enough, it is still

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.10.1575.10.163+6
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxe62e62ea912a49f7230620f1bdc20410b943a44cee756980e491c829ba0495bb420b7224a9ee26b2+6
debiandebian/linux< linux 6.1.7-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-ff5r-w44x-rq6x: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When a2025-10-04
OSV
CVE-2023-53549: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long task execution when adding/deleting entries When add2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: netfilter: ipset: Rework long task execution when adding/deleting entries2025-10-04
Debian
CVE-2023-53549: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ...2023