Get tailored security recommendations from our analyst team for CVE-2023-52923. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: adapt set backend to use GC transaction API

Use the GC transaction API to replace the old and buggy gc API and the
busy mark approach.

No set elements are removed from async garbage collection anymore,
instead the _DEAD bit is set on so the set element is not visible from
lookup path anymore. Async GC enqueues transaction work that might be
aborted and retried later.

rbtree and pipapo set backends does not set on the _DEAD bit from the
sync GC path since this runs in control plane path where mutex is held.
In this case, set elements are deactivated, removed and then released
via RCU callback, sync GC never fails.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434 9d0982927e79049675cb6c6c04a0ebb3dad5a434

Linux