Vulnerability-Lookup

BDU:2024-01803

Vulnerability from fstec - Published: 20.09.2023

Title

Уязвимость функции nft_trans_gc_{queue_async_done,space}() в модуле net/netfilter/nf_tables_api.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Description

Уязвимость функции nft_trans_gc_{queue_async_done,space}() в модуле net/netfilter/nf_tables_api.c ядра операционной системы Linux связана с ошибками освобождения памяти. Эксплуатация уязвимости может позволить нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity


                    
                      AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

ООО «Ред Софт», Novell Inc., Сообщество свободного программного обеспечения

Software Name

РЕД ОС (запись в едином реестре российских программ №3751), Suse Linux Enterprise Server, Suse Linux Enterprise Desktop, SUSE Manager Retail Branch Server, SUSE Manager Proxy, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, SUSE Linux Enterprise Micro, SUSE Linux Enterprise Module for SAP Applications, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Public Cloud, SUSE Linux Enterprise Real Time, SUSE Real Time Module, Linux

Software Version

7.3 (РЕД ОС), 15 SP4 (Suse Linux Enterprise Server), 15 SP4 (Suse Linux Enterprise Desktop), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Basesystem), 5.3 (SUSE Linux Enterprise Micro), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP4 (SUSE Linux Enterprise Module for SAP Applications), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 15 SP5 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise Module for Public Cloud), 15 SP4 (SUSE Linux Enterprise Real Time), 15 SP5 (SUSE Linux Enterprise Real Time), 5.4 (SUSE Linux Enterprise Micro), 15 SP5 (SUSE Linux Enterprise Module for SAP Applications), 5.5 (SUSE Linux Enterprise Micro), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP5 (SUSE Real Time Module), 15 SP4 (SUSE Real Time Module), от 6.4.11 до 6.5.5 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6 https://git.kernel.org/linus/cf5000a7787cbc10341091d37245a42c119d26c5 https://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8 https://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14 https://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125 https://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07 https://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01 https://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5 https://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171 Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2023-52581.html Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52581 https://git.kernel.org/linus/cf5000a7787cbc10341091d37245a42c119d26c5 https://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8 https://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14 https://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125 https://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07 https://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01 https://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5 https://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6 https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/ https://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u https://security-tracker.debian.org/tracker/CVE-2023-52581 https://vuldb.com/ru/?id.255528 https://www.cve.org/CVERecord?id=CVE-2023-52581 https://www.suse.com/security/cve/CVE-2023-52581.html

CWE

CWE-401, CWE-772

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), 15 SP4 (Suse Linux Enterprise Server), 15 SP4 (Suse Linux Enterprise Desktop), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 15 SP4 (SUSE Linux Enterprise Module for Basesystem), 5.3 (SUSE Linux Enterprise Micro), 15 SP5 (Suse Linux Enterprise Server), 15 SP5 (Suse Linux Enterprise Desktop), 15 SP4 (SUSE Linux Enterprise Module for SAP Applications), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Basesystem), 15 SP5 (SUSE Linux Enterprise Module for Development Tools), 15 SP5 (SUSE Linux Enterprise Module for Public Cloud), 15 SP4 (SUSE Linux Enterprise Real Time), 15 SP5 (SUSE Linux Enterprise Real Time), 5.4 (SUSE Linux Enterprise Micro), 15 SP5 (SUSE Linux Enterprise Module for SAP Applications), 5.5 (SUSE Linux Enterprise Micro), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), 15 SP5 (SUSE Real Time Module), 15 SP4 (SUSE Real Time Module), \u043e\u0442 6.4.11 \u0434\u043e 6.5.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6\nhttps://git.kernel.org/linus/cf5000a7787cbc10341091d37245a42c119d26c5\nhttps://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8\nhttps://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14\nhttps://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125\nhttps://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07\nhttps://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01\nhttps://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5\nhttps://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2023-52581.html\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.09.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.12.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.03.2024",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-01803",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-52581",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Suse Linux Enterprise Server, Suse Linux Enterprise Desktop, SUSE Manager Retail Branch Server, SUSE Manager Proxy, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Module for Basesystem, SUSE Linux Enterprise Micro, SUSE Linux Enterprise Module for SAP Applications, SUSE Linux Enterprise Module for Development Tools, SUSE Linux Enterprise Module for Public Cloud, SUSE Linux Enterprise Real Time, SUSE Real Time Module, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. Suse Linux Enterprise Desktop 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Desktop 15 SP5 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP4 , Novell Inc. SUSE Linux Enterprise Real Time 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.4.11 \u0434\u043e 6.5.5 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 nft_trans_gc_{queue_async_done,space}() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 net/netfilter/nf_tables_api.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401), \u041d\u0435\u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 \u043f\u043e\u0441\u043b\u0435 \u0438\u0441\u0442\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0441\u0440\u043e\u043a\u0430 \u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f (CWE-772)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 nft_trans_gc_{queue_async_done,space}() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 net/netfilter/nf_tables_api.c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52581\nhttps://git.kernel.org/linus/cf5000a7787cbc10341091d37245a42c119d26c5\nhttps://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8\nhttps://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14\nhttps://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125\nhttps://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07\nhttps://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01\nhttps://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5\nhttps://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.6\nhttps://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/\nhttps://lore.kernel.org/linux-cve-announce/2024030258-CVE-2023-52581-2165@gregkh/T/#u\nhttps://security-tracker.debian.org/tracker/CVE-2023-52581\nhttps://vuldb.com/ru/?id.255528\nhttps://www.cve.org/CVERecord?id=CVE-2023-52581\nhttps://www.suse.com/security/cve/CVE-2023-52581.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401, CWE-772",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,4)\n\u041d\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 4.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 0)"
}

CVE-2023-52581 (GCVE-0-2023-52581)

Vulnerability from cvelistv5 – Published: 2024-03-02 21:59 – Updated: 2026-05-23 15:26

Title

netfilter: nf_tables: fix memleak when more than 255 elements expired

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before reaching the boundary and nft_trans_gc_space() always returns true. This means we recycle the initial gc container structure and lose track of the elements that came before. While at it, don't deref 'gc' after we've passed it to call_rcu.

Severity

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-noinfo Not enough information

Assigner

Linux

References

7 references

URL	Tags
https://git.kernel.org/stable/c/7cf055b43756b10aa…
https://git.kernel.org/stable/c/a995a68e8a3b48533…
https://git.kernel.org/stable/c/09c85f2d21ab6b5ac…
https://git.kernel.org/stable/c/ef99506eaf1dc31fe…
https://git.kernel.org/stable/c/7e5d732e6902eb6a3…
https://git.kernel.org/stable/c/4aea243b6853d06c1…
https://git.kernel.org/stable/c/cf5000a7787cbc103…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 8da1b048f9a501d3d7d38c188ba09d7d0d5b8c27 , < 7cf055b43756b10aa2b851c927c940f5ed652125 (git) Affected: bbdb3b65aa91aa0a32b212f27780b28987f2d94f , < a995a68e8a3b48533e47c856865d109a1f1a9d01 (git) Affected: 448be0774882f95a74fa5eb7519761152add601b , < 09c85f2d21ab6b5acba31a037985b13e8e6565b8 (git) Affected: d19e8bf3ea4114dd21fc35da21f398203d7f7df1 , < ef99506eaf1dc31feff1adfcfd68bc5535a22171 (git) Affected: ea3eb9f2192e4fc33b795673e56c97a21987f868 , < 7e5d732e6902eb6a37b35480796838a145ae5f07 (git) Affected: 5f68718b34a531a556f2f50300ead2862278da26 , < 4aea243b6853d06c1d160a9955b759189aa02b14 (git) Affected: 5f68718b34a531a556f2f50300ead2862278da26 , < cf5000a7787cbc10341091d37245a42c119d26c5 (git) Affected: 0624f190b5742a1527cd938295caa8dc5281d4cd (git) Affected: 6.4.11 , < 6.5 (semver)
Linux	Linux	Affected: 6.5 Unaffected: 0 , < 6.5 (semver) Unaffected: 6.5.6 , ≤ 6.5.* (semver) Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T20:19:37.141289Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T14:54:23.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:21.164Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h",
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7cf055b43756b10aa2b851c927c940f5ed652125",
              "status": "affected",
              "version": "8da1b048f9a501d3d7d38c188ba09d7d0d5b8c27",
              "versionType": "git"
            },
            {
              "lessThan": "a995a68e8a3b48533e47c856865d109a1f1a9d01",
              "status": "affected",
              "version": "bbdb3b65aa91aa0a32b212f27780b28987f2d94f",
              "versionType": "git"
            },
            {
              "lessThan": "09c85f2d21ab6b5acba31a037985b13e8e6565b8",
              "status": "affected",
              "version": "448be0774882f95a74fa5eb7519761152add601b",
              "versionType": "git"
            },
            {
              "lessThan": "ef99506eaf1dc31feff1adfcfd68bc5535a22171",
              "status": "affected",
              "version": "d19e8bf3ea4114dd21fc35da21f398203d7f7df1",
              "versionType": "git"
            },
            {
              "lessThan": "7e5d732e6902eb6a37b35480796838a145ae5f07",
              "status": "affected",
              "version": "ea3eb9f2192e4fc33b795673e56c97a21987f868",
              "versionType": "git"
            },
            {
              "lessThan": "4aea243b6853d06c1d160a9955b759189aa02b14",
              "status": "affected",
              "version": "5f68718b34a531a556f2f50300ead2862278da26",
              "versionType": "git"
            },
            {
              "lessThan": "cf5000a7787cbc10341091d37245a42c119d26c5",
              "status": "affected",
              "version": "5f68718b34a531a556f2f50300ead2862278da26",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "0624f190b5742a1527cd938295caa8dc5281d4cd",
              "versionType": "git"
            },
            {
              "lessThan": "6.5",
              "status": "affected",
              "version": "6.4.11",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_tables.h",
            "net/netfilter/nf_tables_api.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.5"
            },
            {
              "lessThan": "6.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.6",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "6.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.4.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix memleak when more than 255 elements expired\n\nWhen more than 255 elements expired we\u0027re supposed to switch to a new gc\ncontainer structure.\n\nThis never happens: u8 type will wrap before reaching the boundary\nand nft_trans_gc_space() always returns true.\n\nThis means we recycle the initial gc container structure and\nlose track of the elements that came before.\n\nWhile at it, don\u0027t deref \u0027gc\u0027 after we\u0027ve passed it to call_rcu."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:26:26.550Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7cf055b43756b10aa2b851c927c940f5ed652125"
        },
        {
          "url": "https://git.kernel.org/stable/c/a995a68e8a3b48533e47c856865d109a1f1a9d01"
        },
        {
          "url": "https://git.kernel.org/stable/c/09c85f2d21ab6b5acba31a037985b13e8e6565b8"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef99506eaf1dc31feff1adfcfd68bc5535a22171"
        },
        {
          "url": "https://git.kernel.org/stable/c/7e5d732e6902eb6a37b35480796838a145ae5f07"
        },
        {
          "url": "https://git.kernel.org/stable/c/4aea243b6853d06c1d160a9955b759189aa02b14"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf5000a7787cbc10341091d37245a42c119d26c5"
        }
      ],
      "title": "netfilter: nf_tables: fix memleak when more than 255 elements expired",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52581",
    "datePublished": "2024-03-02T21:59:47.856Z",
    "dateReserved": "2024-03-02T21:55:42.569Z",
    "dateUpdated": "2026-05-23T15:26:26.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2024-01803

CVE-2023-52581 (GCVE-0-2023-52581)

Tags

Sightings

Nomenclature