CVE-2023-52628
Published: Mar 28, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of the register in case ->len is NOT a multiple of the register size, so make it conditional just like nft_payload.c does. The bug was added in 4.1 cycle and then copied/inherited when tcp/sctp and ip option support was added. Bug reported by Zero Day Initiative project (ZDI-CAN-21950, ZDI-CAN-21951, ZDI-CAN-21961).
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 49499c3e6e18b7677a63316f3ff54a16533dc28f - < 28a97c43c9e32f437ebb8d6126f9bb7f3ca9521aaffected 49499c3e6e18b7677a63316f3ff54a16533dc28f - < cf39c4f77a773a547ac2bcf30ecdd303bb0c80cbaffected 49499c3e6e18b7677a63316f3ff54a16533dc28f - < a7d86a77c33ba1c357a7504341172cc1507f0698affected 49499c3e6e18b7677a63316f3ff54a16533dc28f - < 1ad7b189cc1411048434e8595ffcbe7873b71082affected 49499c3e6e18b7677a63316f3ff54a16533dc28f - < d9ebfc0f21377690837ebbd119e679243e0099cc+2 more versions |
Linux | Linux | affected 4.1unaffected 0 - < 4.1unaffected 4.19.316 - <= 4.19.*unaffected 5.4.279 - <= 5.4.*unaffected 5.10.198 - <= 5.10.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now