Fix for 4-byte stack OOB write vulnerability in nftables
CVE-2023-52628
What is CVE-2023-52628?
A vulnerability exists in the Linux kernel's netfilter component, specifically related to the handling of external headers in the nftables framework. The issue stems from a condition where the length of certain data structures, if a multiple of 4, can lead to an out-of-bounds write, ultimately causing stack corruption. This bug originated during the 4.1 development cycle and became part of the kernel's code with subsequent additions for TCP/SCTP and IP option support. The vulnerability was identified and reported by the Zero Day Initiative, highlighting the importance of immediate remediation to protect systems relying on affected kernel versions.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Linux 49499c3e6e18b7677a63316f3ff54a16533dc28f < 28a97c43c9e32f437ebb8d6126f9bb7f3ca9521a
Linux 49499c3e6e18b7677a63316f3ff54a16533dc28f
Linux 49499c3e6e18b7677a63316f3ff54a16533dc28f
News Articles
prophaze.comCVE-2023-52628CVE-2023-52628 : LINUX KERNEL UP TO 5.10.197/5.15.131/6.1.53/6.5.3 NFTABLES NFT_PAYLOAD.C OUT-OF-BOUNDS WRITE - Cloud WAF
CVE-2023-52628 : In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: