Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-52628
HistoryMar 28, 2024 - 11:55 a.m.

CVE-2023-52628

2024-03-2811:55:31
redhat.com
access.redhat.com
19
linux kernel
netfilter
nftables
vulnerability
patch
stack corruption
zdi-can-21950
zdi-can-21951
zdi-can-21961

7.3 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

An out-of-bounds write flaw was found in the Linux kernel’s Netfilter functionality. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Mitigation

In order to trigger the issue, it requires the ability to create user/net namespaces.

On non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:

echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf

sysctl -p /etc/sysctl.d/userns.conf

On containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.

Related

nvd 1
zdi 3
debiancve 1
amazon 2
cvelist 1
nessus 29
vulnrichment 1
cve 1
ubuntucve 1
redhat 7
openvas 11
osv 1
nvd
nvd
CVE-2023-52628
2024-03-28 08:15:25
zdi
zdi
Linux Kernel nft_exthdr_tcp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
Linux Kernel nft_exthdr_ipv6_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
Linux Kernel nft_exthdr_sctp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability
2024-03-28 00:00:00
debiancve
debiancve
CVE-2023-52628
2024-03-28 08:15:25
amazon
amazon
Important: kernel
2024-05-09 19:16:00
Important: kernel
2024-05-09 17:43:00
cvelist
cvelist
CVE-2023-52628 netfilter: nftables: exthdr: fix 4-byte stack OOB write
2024-03-28 07:33:46
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2024-1937)
2024-05-13 00:00:00
Amazon Linux 2 : kernel (ALAS-2024-2542)
2024-05-15 00:00:00
SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:2094-1)
2024-06-20 00:00:00
vulnrichment
vulnrichment
CVE-2023-52628 netfilter: nftables: exthdr: fix 4-byte stack OOB write
2024-03-28 07:33:46
cve
cve
CVE-2023-52628
2024-03-28 08:15:25
ubuntucve
ubuntucve
CVE-2023-52628
2024-03-28 00:00:00
redhat
redhat
(RHSA-2024:2845) Moderate: kernel security and bug fix update
2024-05-15 00:13:23
(RHSA-2024:2846) Moderate: kernel-rt security and bug fix update
2024-05-15 00:13:31
(RHSA-2024:3414) Important: kernel-rt security and bug fix update
2024-05-28 13:04:14
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1647-1)
2024-05-24 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1641-1)
2024-05-24 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-1)
2024-04-23 00:00:00
osv
osv
linux - security update
2024-06-25 00:00:00

7.3 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON
Related for RH:CVE-2023-52628
nvd1zdi3debiancve1amazon2cvelist1nessus29vulnrichment1cve1ubuntucve1redhat7openvas11osv1