216.73.217.64

CVE-2023-52923

· Published 20/01/2025 11:15 · Modified 20/01/2025 11:15

Labels: CVE-2023-52923 2025-01-20416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2023-52923

Essential information

Published
20/01/2025 11:15
Modified
20/01/2025 11:15
Author
Creator
CISA KEV
No
CWE

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instead the _DEAD bit is set on so the set element is not visible from lookup path anymore. Async GC enqueues transaction work that might be aborted and retried later. rbtree and pipapo set backends does not set on the _DEAD bit from the sync GC path since this runs in control plane path where mutex is held. In this case, set elements are deactivated, removed and then released via RCU callback, sync GC never fails.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD
View on NVD

References