CVE-2023-52581
Published: Mar 2, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix memleak when more than 255 elements expired When more than 255 elements expired we're supposed to switch to a new gc container structure. This never happens: u8 type will wrap before reaching the boundary and nft_trans_gc_space() always returns true. This means we recycle the initial gc container structure and lose track of the elements that came before. While at it, don't deref 'gc' after we've passed it to call_rcu.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 8da1b048f9a501d3d7d38c188ba09d7d0d5b8c27 - < 7cf055b43756b10aa2b851c927c940f5ed652125affected bbdb3b65aa91aa0a32b212f27780b28987f2d94f - < a995a68e8a3b48533e47c856865d109a1f1a9d01affected 448be0774882f95a74fa5eb7519761152add601b - < 09c85f2d21ab6b5acba31a037985b13e8e6565b8affected d19e8bf3ea4114dd21fc35da21f398203d7f7df1 - < ef99506eaf1dc31feff1adfcfd68bc5535a22171affected ea3eb9f2192e4fc33b795673e56c97a21987f868 - < 7e5d732e6902eb6a37b35480796838a145ae5f07+4 more versions |
Linux | Linux | affected 6.5unaffected 0 - < 6.5unaffected 6.5.6 - <= 6.5.*unaffected 6.6 - <= * |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now