1. Home
  2. Vulnerabilities
  3. CVE-2023-42753

CVE-2023-42753

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (11th)
0.04% Progress
Affected Products 3
Advisories 64
NVD Status Modified
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h->nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

Weaknesses
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
NVD Status
Modified
CNA
Red Hat, Inc.
Published Date
2023-09-25 21:15:15
(11 months ago)
Updated Date
2024-09-13 19:15:15
(3 days ago)

Affected Products

Debian

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel from 4.4.165 version and prior 4.5 version cpe:2.3:o:linux:linux_kernel >= 4.4.165 < 4.5
  Linux Kernel from 4.9.141 version and prior 4.10 version cpe:2.3:o:linux:linux_kernel >= 4.9.141 < 4.10
  Linux Kernel from 4.14.84 version and prior 4.15 version cpe:2.3:o:linux:linux_kernel >= 4.14.84 < 4.15
  Linux Kernel from 4.19.5 version and prior 4.19.295 version cpe:2.3:o:linux:linux_kernel >= 4.19.5 < 4.19.295
  Linux Kernel from 4.20 version and prior 5.4.257 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.257
  Linux Kernel from 5.5 version and prior 5.10.195 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.195
  Linux Kernel from 5.11 version and prior 5.15.132 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.132
  Linux Kernel from 5.16 version and prior 6.1.53 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 6.1.53
  Linux Kernel from 6.2 version and prior 6.4.16 version cpe:2.3:o:linux:linux_kernel >= 6.2 < 6.4.16
  Linux Kernel from 6.5 version and prior 6.5.3 version cpe:2.3:o:linux:linux_kernel >= 6.5 < 6.5.3

Configuration #2

    CPE23 From Up To
  Redhat Enterprise Linux 7.0 cpe:2.3:o:redhat:enterprise_linux:7.0
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Linux 9.0 cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #3

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0