CVE-2023-53304
netfilter: nft_set_rbtree: fix overlap expiration walk
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.5EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 sep 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: fix overlap expiration walk
The lazy gc on insert that should remove timed-out entries fails to release
the other half of the interval, if any.
Can be reproduced with tests/shell/testcases/sets/0044interval_overlap_0
in nftables.git and kmemleak enabled kernel.
Second bug is the use of rbe_prev vs. prev pointer.
If rbe_prev() returns NULL after at least one iteration, rbe_prev points
to element that is not an end interval, hence it should not be removed.
Lastly, check the genmask of the end interval if this is active in the
current generation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Linux · LinuxReferencias
https://git.kernel.org/stable/c/50cbb9d195c197af671869c8cadce3bd483735a0https://git.kernel.org/stable/c/8284a79136c384059e85e278da2210b809730287https://git.kernel.org/stable/c/893cb3c3513cf661a0ff45fe0cfa83fe27131f76https://git.kernel.org/stable/c/89a4d1a89751a0fbd520e64091873e19cc0979e8https://git.kernel.org/stable/c/acaee227cf79c45a5d2d49c3e9a66333a462802chttps://git.kernel.org/stable/c/cd66733932399475fe933cb3ec03e687ed401462https://git.kernel.org/stable/c/f718863aca469a109895cb855e6b81fff4827d71