CVE-2023-54035

Published: Dec 24, 2025

Modified: May 27, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on chains twice: once on element release and again via nft_data_release(). Then, d6b478666ffa ("netfilter: nf_tables: fix underflow in object reference counter") incorrectly fixed this by removing the stateful object reference count decrement. Restore the stateful object decrement as in b91d90368837 ("netfilter: nf_tables: fix leaking object reference count") and let nft_data_release() decrement the chain reference counter, so this is done only once.

Vendor	Product	Versions
Linux	Linux	affected `35651fde1a7bb54dde0a46d35cd0d7136869ae86 - < b068314fd8ce751a7f906e55bb90f3551815f1a0` affected `628bd3e49cba1c066228e23d71a852c23e26da73 - < 9c959671abc7d4ffdf34eed10c64492d43cb6a3c` affected `628bd3e49cba1c066228e23d71a852c23e26da73 - < b389139f12f287b8ed2e2628b72df89a081f0b59` affected `bc9f791d2593f17e39f87c6e2b3a36549a3705b1` affected `3c7ec098e3b588434a8b07ea9b5b36f04cef1f50` +9 more versions
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.4.4 - <= 6.4.` unaffected `6.5 - <= `

References

https://git.kernel.org/stable/c/b068314fd8ce751a7f906e55bb90f3551815f1a0

https://git.kernel.org/stable/c/9c959671abc7d4ffdf34eed10c64492d43cb6a3c

https://git.kernel.org/stable/c/b389139f12f287b8ed2e2628b72df89a081f0b59

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54035

Description

Affected Products

References