CVE-2023-53179
Published: Sep 15, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access. This patch adds back the IP_SET_HASH_WITH_NET0 macro to ip_set_hash_netportnet to address the issue.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0d5d0b5c41f766355f2b42c47d13ea001f754c7d - < 7935b636dd693dfe4483cfef4a1e91366c8103faaffected cb3e590df429ce151d5041884a4947099b8ad6a7 - < e632d09dffc68b9602d6893a99bfe3001d36cefcaffected 886503f34d63e681662057448819edb5b1057a97 - < 109e830585e89a03d554bf8ad0e668630d0a6260affected 886503f34d63e681662057448819edb5b1057a97 - < 83091f8ac03f118086596f17c9a52d31d6ca94b3affected 886503f34d63e681662057448819edb5b1057a97 - < a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14+10 more versions |
Linux | Linux | affected 4.20unaffected 0 - < 4.20unaffected 4.14.326 - <= 4.14.*unaffected 4.19.295 - <= 4.19.*unaffected 5.4.257 - <= 5.4.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now