SB20250120109 - Improper locking in Linux kernel netfilter
Published: January 20, 2025 Updated: May 11, 2025
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper locking (CVE-ID: CVE-2023-52923)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nft_rbtree_cmp(), __nft_rbtree_lookup(), nft_rbtree_get(), nft_rbtree_gc_elem(), nft_rbtree_activate(), nft_rbtree_flush() and nft_rbtree_gc() functions in net/netfilter/nft_set_rbtree.c, within the pipapo_drop(), pipapo_gc() and nft_pipapo_activate() functions in net/netfilter/nft_set_pipapo.c, and within the nft_rhash_cmp(), nft_rhash_activate(), nft_rhash_flush(), nft_rhash_deactivate(), nft_rhash_gc() and nft_rhash_destroy() functions in net/netfilter/nft_set_hash.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
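To check a host against the releases named in the ChangeLog links under References, the following added example (not part of the original bulletin) classifies a kernel release string. It assumes each ChangeLog link marks the first fixed release on its stable branch and that the string is an upstream version; distribution kernels that backport fixes must be checked against the vendor's own advisory. The function names and status labels are illustrative.

```python
import re

# First fixed release per stable branch, read from the ChangeLog links in this
# bulletin's References (assumption: each link is the first release with the fix).
FIRST_FIXED = {
    (4, 19): 316,
    (5, 4): 262,
    (5, 10): 198,
    (5, 15): 134,
    (6, 1): 56,
    (6, 4): 11,
}
MAINLINE_FIXED = (6, 5)  # ChangeLog-6.5: this branch and every later one

_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_release(release):
    """Split a `uname -r` style string such as '6.1.55-rt' into three ints."""
    m = _RELEASE_RE.match(release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def cve_2023_52923_status(release):
    """Return 'fixed', 'below-fix' or 'unlisted' for an upstream release."""
    major, minor, patch = parse_release(release)
    if (major, minor) == MAINLINE_FIXED and "-rc" in release:
        return "unlisted"  # pre-release of 6.5: not decidable from the bulletin
    if (major, minor) >= MAINLINE_FIXED:
        return "fixed"
    first_fixed = FIRST_FIXED.get((major, minor))
    if first_fixed is None:
        # No fixed release is named for this branch (for example 6.2, 6.3,
        # or anything older than 4.19), so the bulletin cannot decide it.
        return "unlisted"
    return "fixed" if patch >= first_fixed else "below-fix"


if __name__ == "__main__":
    import platform
    rel = platform.release()
    print(f"{rel}: {cve_2023_52923_status(rel)}")
```

An `unlisted` result means the branch needs a move to a listed or later branch, or a vendor statement, before it can be treated as patched.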
References
- https://git.kernel.org/stable/c/146c76866795553dbc19998f36718d7986ad302b
- https://git.kernel.org/stable/c/479a2cf5259347d6a1f658b0f791d27a34908e91
- https://git.kernel.org/stable/c/c357648929c8dff891502349769aafb8f0452bc2
- https://git.kernel.org/stable/c/cb4d00b563675ba8ff6ef94b077f58d816f68ba3
- https://git.kernel.org/stable/c/df650d6a4bf47248261b61ef6b174d7c54034d15
- https://git.kernel.org/stable/c/e4d71d6a9c7db93f7bf20c3a0f0659d63d7de681
- https://git.kernel.org/stable/c/f6c383b8c31a93752a52697f8430a71dcbc46adf
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.198
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.134
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.262
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.56
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.11
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5