CVE-2023-52433

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction

New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcb4d00b563675ba8ff6ef94b077f58d816f68ba3 < 9db9feb841f7449772f9393c16b9ef4536d8c127affected
LinuxLinuxc357648929c8dff891502349769aafb8f0452bc2 < 03caf75da1059f0460666c826e9f50e13dfd0017affected
LinuxLinux146c76866795553dbc19998f36718d7986ad302b < c323ed65f66e5387ee0a73452118d49f1dae81b8affected
LinuxLinux479a2cf5259347d6a1f658b0f791d27a34908e91 < 9af7dfb3c9d7985172a240f85e684c5cd33e29ceaffected
LinuxLinuxdf650d6a4bf47248261b61ef6b174d7c54034d15 < 9a8c544158f68f656d1734eb5ba00c4f817b76b1affected
LinuxLinuxf6c383b8c31a93752a52697f8430a71dcbc46adf < e3213ff99a355cda811b41e8dbb3472d13167a3aaffected
LinuxLinuxf6c383b8c31a93752a52697f8430a71dcbc46adf < 2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4affected
LinuxLinuxe4d71d6a9c7db93f7bf20c3a0f0659d63d7de681affected
LinuxLinux6.4.11 < 6.5affected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.5.4 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References