In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before reaching the boundary and nft_trans_gc_space() always returns true. This means we recycle the initial gc container structure and lose track of the elements that came before. While at it, don't deref 'gc' after we've passed it to call_rcu.
History

Thu, 07 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H'}


Mon, 04 Nov 2024 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-02T21:59:47.856Z

Updated: 2024-11-07T14:54:23.969Z

Reserved: 2024-03-02T21:55:42.569Z

Link: CVE-2023-52581

cve-icon Vulnrichment

Updated: 2024-08-02T23:03:21.164Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-02T22:15:49.727

Modified: 2024-11-21T08:40:07.010

Link: CVE-2023-52581

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-03-02T00:00:00Z

Links: CVE-2023-52581 - Bugzilla