{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2023-52620", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-06T09:52:12.090Z", "datePublished": "2024-03-21T10:43:42.854Z", "dateUpdated": "2024-11-06T20:01:21.818Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:49:51.777Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "116b0e8e4673", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "49ce99ae4331", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6f3ae02bbb62", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "00b19ee0dcc1", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "b7be6c737a17", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e26d3009efda", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "4.19.312", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.151", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.81", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c"}, {"url": "https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268"}, {"url": "https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323"}, {"url": "https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e"}, {"url": "https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b"}, {"url": "https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab"}], "title": "netfilter: nf_tables: disallow timeout for anonymous sets", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-26T20:33:31.634112Z", "id": "CVE-2023-52620", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T20:01:21.818Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.362Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.362Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-52620", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-26T20:33:31.634112Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-26T20:33:34.757Z"}}], "cna": {"title": "netfilter: nf_tables: disallow timeout for anonymous sets", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "116b0e8e4673", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "49ce99ae4331", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6f3ae02bbb62", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "00b19ee0dcc1", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "b7be6c737a17", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "e26d3009efda", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.19.312", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.274", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.215", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.151", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.81", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.4", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c"}, {"url": "https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268"}, {"url": "https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323"}, {"url": "https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e"}, {"url": "https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b"}, {"url": "https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:49:51.777Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52620", "state": "PUBLISHED", "dateUpdated": "2024-11-06T20:01:21.818Z", "dateReserved": "2024-03-06T09:52:12.090Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-21T10:43:42.854Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow timeout for anonymous sets\n\nNever used from userspace, disallow these parameters."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nf_tables: no permite el tiempo de espera para conjuntos an\u00f3nimos Nunca se usa desde el espacio de usuario, no permita estos par\u00e1metros."}], "id": "CVE-2023-52620", "lastModified": "2024-11-06T20:35:08.343", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-21T11:15:28.230", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:2950", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.rt7.342.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:3138", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}], "bugzilla": {"description": "kernel: netfilter: nf_tables: disallow timeout for anonymous sets", "id": "2270883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270883"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-99", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: disallow timeout for anonymous sets\nNever used from userspace, disallow these parameters.", "A vulnerability was found in netfilter/nf_tables componets of Linux Kernel allows an userspace to set timeouts for anonymous sets, which are not intended to be used this way. This could lead to unexpected behaviour or security issues."], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2023-52620", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52620\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52620\nhttps://lore.kernel.org/linux-cve-announce/2024032147-CVE-2023-52620-11a9@gregkh/T"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.15.151, kernel 6.1.81, kernel 6.4"}