CVE-2023-52433

netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction
ends. Skip sync GC for such elements otherwise commit path might walk
over an already released object. Once transaction is finished, async GC
will collect such expired element.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nft_set_rbtree: omitir sincronización GC para nuevos elementos en esta transacción los nuevos elementos en esta transacción pueden caducar antes de que finalice dicha transacción. Omita la sincronización del GC para dichos elementos; de lo contrario, la ruta de confirmación podría pasar por encima de un objeto ya liberado. Una vez finalizada la transacción, async GC recopilará dicho elemento caducado.

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Multiple

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-20 CVE Reserved
2024-02-20 CVE Published
2024-04-05 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-273: Improper Check for Dropped Privileges

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/f6c383b8c31a93752a52697f8430a71dcbc46adf	Vuln. Introduced
https://git.kernel.org/stable/c/e4d71d6a9c7db93f7bf20c3a0f0659d63d7de681	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a	2023-09-19
https://git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4	2023-09-06
https://git.kernel.org/stable/c/9db9feb841f7449772f9393c16b9ef4536d8c127	2024-06-16
https://git.kernel.org/stable/c/03caf75da1059f0460666c826e9f50e13dfd0017	2023-11-28
https://git.kernel.org/stable/c/c323ed65f66e5387ee0a73452118d49f1dae81b8	2023-10-10
https://git.kernel.org/stable/c/9af7dfb3c9d7985172a240f85e684c5cd33e29ce	2023-10-06
https://git.kernel.org/stable/c/9a8c544158f68f656d1734eb5ba00c4f817b76b1	2023-10-06

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.5 < 6.5.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5 < 6.5.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.5 < 6.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5 < 6.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.4.11 Search vendor "Linux" for product "Linux Kernel" and version "6.4.11"		en		Affected