CVE-2023-53304
netfilter: nft_set_rbtree: fix overlap expiration walk
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 5.5EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 set 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: fix overlap expiration walk
The lazy gc on insert that should remove timed-out entries fails to release
the other half of the interval, if any.
Can be reproduced with tests/shell/testcases/sets/0044interval_overlap_0
in nftables.git and kmemleak enabled kernel.
Second bug is the use of rbe_prev vs. prev pointer.
If rbe_prev() returns NULL after at least one iteration, rbe_prev points
to element that is not an end interval, hence it should not be removed.
Lastly, check the genmask of the end interval if this is active in the
current generation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxReferências
https://git.kernel.org/stable/c/50cbb9d195c197af671869c8cadce3bd483735a0https://git.kernel.org/stable/c/8284a79136c384059e85e278da2210b809730287https://git.kernel.org/stable/c/893cb3c3513cf661a0ff45fe0cfa83fe27131f76https://git.kernel.org/stable/c/89a4d1a89751a0fbd520e64091873e19cc0979e8https://git.kernel.org/stable/c/acaee227cf79c45a5d2d49c3e9a66333a462802chttps://git.kernel.org/stable/c/cd66733932399475fe933cb3ec03e687ed401462https://git.kernel.org/stable/c/f718863aca469a109895cb855e6b81fff4827d71