CVE-2023-53304
- Source
- https://cve.org/CVERecord?id=CVE-2023-53304
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53304.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53304
- Downstream
- Related
- Published
- 2025-09-16T16:11:44.147Z
- Modified
- 2026-03-20T12:33:05.078980Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- netfilter: nft_set_rbtree: fix overlap expiration walk
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftsetrbtree: fix overlap expiration walk
The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any.
Can be reproduced with tests/shell/testcases/sets/0044intervaloverlap0 in nftables.git and kmemleak enabled kernel.
Second bug is the use of rbeprev vs. prev pointer. If rbeprev() returns NULL after at least one iteration, rbe_prev points to element that is not an end interval, hence it should not be removed.
Lastly, check the genmask of the end interval if this is active in the current generation.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53304.json" }- References
-
- https://git.kernel.org/stable/c/50cbb9d195c197af671869c8cadce3bd483735a0
- https://git.kernel.org/stable/c/8284a79136c384059e85e278da2210b809730287
- https://git.kernel.org/stable/c/893cb3c3513cf661a0ff45fe0cfa83fe27131f76
- https://git.kernel.org/stable/c/89a4d1a89751a0fbd520e64091873e19cc0979e8
- https://git.kernel.org/stable/c/acaee227cf79c45a5d2d49c3e9a66333a462802c
- https://git.kernel.org/stable/c/cd66733932399475fe933cb3ec03e687ed401462
- https://git.kernel.org/stable/c/f718863aca469a109895cb855e6b81fff4827d71
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53304.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53304
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7ab87a326f20c52ff4d9972052d085be951c704bFixed8284a79136c384059e85e278da2210b809730287
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced181859bdfb9734aca449512fccaee4cacce64aedFixedacaee227cf79c45a5d2d49c3e9a66333a462802c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4aacf3d78424293e318c616016865380b37b9cc5Fixed893cb3c3513cf661a0ff45fe0cfa83fe27131f76
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced2bf1435fa19d2c58054391b3bba40d5510a5758cFixed50cbb9d195c197af671869c8cadce3bd483735a0
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced318cb24a4c3fce8140afaf84e4d45fcb76fb280bFixed89a4d1a89751a0fbd520e64091873e19cc0979e8
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedc9e6978e2725a7d4b6cd23b2facd3f11422c0643Fixedcd66733932399475fe933cb3ec03e687ed401462Fixedf718863aca469a109895cb855e6b81fff4827d71