CVE-2023-54200: Multiple Releases of Same Resource or Handle in Linux

Severity: 6.4 MEDIUM (no vector)
EPSS: 0.0% (top 92.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: always release netdev hooks from notifier

This reverts "netfilter: nf_tables: skip netdev events generated on netns removal".

The problem is that when a veth device is released, the veth release callback will also queue the peer netns device for removal. It's possible that the peer netns is also slated for removal. In this case, the device memory is already released before the pre_exit hook of the peer n

Affected Packages (4 packages)

Linux | linux/linux_kernel | 5.15.0 | 5.15.113 | +2
Debian | linux/linux_kernel | < 6.1.37-1 | +2
CVEListV5 | linux/linux | 68a3765c659f809dcaac20030853a054646eb739 | 8d56f00c61f67b450fbbdcb874855e60ad92c560 | +5
debian | debian/linux | < linux 6.1.37-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA: GHSA-jgcg-mpfg-g663: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always release netdev hooks from notifier This reverts "ne (2025-12-30)
OSV: netfilter: nf_tables: always release netdev hooks from notifier (2025-12-30)
OSV: CVE-2023-54200: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always release netdev hooks from notifier This reverts "netf (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: Linux kernel: netfilter use-after-free vulnerability leading to denial of service (2025-12-30)
Debian: CVE-2023-54200: linux - In the Linux kernel, the following vulnerability has been resolved: netfilter: ... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54200 Impact, Exploitability, and Mitigation Steps | Wiz