CVE-2023-52620

netfilter: nf_tables: disallow timeout for anonymous sets

Severity Score

2.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: disallow timeout for anonymous sets

Never used from userspace, disallow these parameters.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: netfilter: nf_tables: no permite el tiempo de espera para conjuntos anónimos Nunca se usa desde el espacio de usuario, no permita estos parámetros.

A vulnerability was found in netfilter/nf_tables componets of Linux Kernel allows an userspace to set timeouts for anonymous sets, which are not intended to be used this way. This could lead to unexpected behaviour or security issues.

*Credits: N/A

CVSS Scores

CISAv3.1 2.5

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-06 CVE Reserved
2024-03-21 CVE Published
2024-04-14 EPSS Updated
2024-11-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-99: Improper Control of Resource Identifiers ('Resource Injection')

CAPEC

References (10)

URL	Tag	Source
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c	2024-04-13
https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268	2024-04-13
https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323	2024-04-13
https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e	2024-03-06
https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b	2024-03-06
https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab	2023-06-20

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-52620	2024-05-22
https://bugzilla.redhat.com/show_bug.cgi?id=2270883	2024-05-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.312 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.312"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.274 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.274"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.215 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.215"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15.151 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.151"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.1.81 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.81"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 6.4 Search vendor "Linux" for product "Linux Kernel" and version " < 6.4"		en		Affected