5.5
CVE-2023-53304
- EPSS 0.15%
- Veröffentlicht 16.09.2025 16:11:44
- Zuletzt bearbeitet 14.01.2026 19:16:23
- CVE-Watchlists
- Unerledigt
netfilter: nft_set_rbtree: fix overlap expiration walk
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with tests/shell/testcases/sets/0044interval_overlap_0 in nftables.git and kmemleak enabled kernel. Second bug is the use of rbe_prev vs. prev pointer. If rbe_prev() returns NULL after at least one iteration, rbe_prev points to element that is not an end interval, hence it should not be removed. Lastly, check the genmask of the end interval if this is active in the current generation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10.166 < 5.10.190
Linux ≫ Linux Kernel Version >= 5.15.91 < 5.15.124
Linux ≫ Linux Kernel Version >= 6.1.9 < 6.1.43
Linux ≫ Linux Kernel Version >= 6.2.1 < 6.4.8
Linux ≫ Linux Kernel Version6.2 Update-
Linux ≫ Linux Kernel Version6.2 Updaterc6
Linux ≫ Linux Kernel Version6.2 Updaterc7
Linux ≫ Linux Kernel Version6.2 Updaterc8
Linux ≫ Linux Kernel Version6.5 Updaterc1
Linux ≫ Linux Kernel Version6.5 Updaterc2
Linux ≫ Linux Kernel Version6.5 Updaterc3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.041 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/8284a79136c384059e85e278da2210b809730287
https://git.kernel.org/stable/c/acaee227cf79c45a5d2d49c3e9a66333a462802c
https://git.kernel.org/stable/c/893cb3c3513cf661a0ff45fe0cfa83fe27131f76
https://git.kernel.org/stable/c/50cbb9d195c197af671869c8cadce3bd483735a0
https://git.kernel.org/stable/c/89a4d1a89751a0fbd520e64091873e19cc0979e8
https://git.kernel.org/stable/c/cd66733932399475fe933cb3ec03e687ed401462
https://git.kernel.org/stable/c/f718863aca469a109895cb855e6b81fff4827d71