← voltar
CVE-2023-52581

netfilter: nf_tables: fix memleak when more than 255 elements expired

CVSS 6.3 MEDIUMEPSS 0.3%
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 mar 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before reaching the boundary and nft_trans_gc_space() always returns true. This means we recycle the initial gc container structure and lose track of the elements that came before. While at it, don't deref 'gc' after we've passed it to call_rcu.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Produtos afetados
Linux · Linux

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →