7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: skip sync GC for new elements in this
transaction New elements in this transaction might expired before such
transaction ends. Skip sync GC for such elements otherwise commit path
might walk over an already released object. Once transaction is finished,
async GC will collect such expired element.
Author | Note |
---|---|
Priority reason: Reported by Google kCTF | |
rodrigo-zaiden | the commit 2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4 was considered one of the fix commits for CVE-2023-4244, as a follow up commit. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
git.kernel.org/linus/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4 (6.6-rc1)
git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4
git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a
launchpad.net/bugs/cve/CVE-2023-52433
nvd.nist.gov/vuln/detail/CVE-2023-52433
security-tracker.debian.org/tracker/CVE-2023-52433
www.cve.org/CVERecord?id=CVE-2023-52433
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.5%