CVE-2023-53701: Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

Severity: 5.5 MEDIUM (no vector)
EPSS: No EPSS data
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

kernel: Kernel: Denial of Service in Netfilter's nf_tables component

A vulnerability was identified in the Linux kernel's netfilter nf_tables subsystem that could lead to wild memory access under specific conditions. When deleting elements from an anonymous set already removed in the same transaction during nftables operations, internal state handling did not properly deactivate the set, leading to a potential write of invalid memory. On systems with Kernel Address Sanitizer (KASAN) enabled or

Affected Packages (2 packages)

Linux: linux/linux_kernel < 4.14.315
Debian: linux/linux_kernel < 5.10.179-1+2

🔴 Vulnerability Details (3)

OSV
netfilter: nf_tables: deactivate anonymous set from preparation phase (2025-10-22)
GHSA
GHSA-6474-wrgg-8qcw: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: deactivate anonymous set from preparation phase [ backport (2025-10-22)
OSV
CVE-2023-53701: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: deactivate anonymous set from preparation phase [ backport f (2025-10-22)

📋 Vendor Advisories (1)

Red Hat
kernel: Kernel: Denial of Service in Netfilter's nf_tables component (2025-10-22)