CVE-2023-5972 - OpenCVE

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc8::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.2.0:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.6:rc6::::::

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-5972	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2248189	Issue Tracking Patch
https://github.com/torvalds/linux/commit/505ce0630ad5d31185695f8a29dde8d29f28faa7	Patch
https://github.com/torvalds/linux/commit/52177bbf19e6e9398375a148d2e13ed492b40b80	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-11-23T17:21:20.589Z

Updated: 2024-02-28T12:38:05.880Z

Reserved: 2023-11-06T19:19:58.357Z

Link: CVE-2023-5972

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-23T18:15:07.470

Modified: 2023-11-30T20:31:31.227

Link: CVE-2023-5972

JSON object: View

Redhat Information

No data.

CWE

CWE-476

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-5972", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-11-06T19:19:58.357Z", "datePublished": "2023-11-23T17:21:20.589Z", "dateUpdated": "2024-02-28T12:38:05.880Z"}, "containers": {"cna": {"title": "Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system."}], "affected": [{"product": "kernel", "vendor": "n/a", "defaultStatus": "affected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "kernel-rt", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}, {"product": "Fedora", "vendor": "Fedora", "collectionURL": "https://packages.fedoraproject.org/", "packageName": "kernel", "defaultStatus": "affected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-5972", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248189", "name": "RHBZ#2248189", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/torvalds/linux/commit/505ce0630ad5d31185695f8a29dde8d29f28faa7"}, {"url": "https://github.com/torvalds/linux/commit/52177bbf19e6e9398375a148d2e13ed492b40b80"}], "datePublic": "2023-10-12T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-476: NULL Pointer Dereference", "timeline": [{"lang": "en", "time": "2023-10-23T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-10-12T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Xingyuan Mo (IceSword Lab) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-02-28T12:38:05.880Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C209B2AA-EBB7-4A9E-9B86-4DF1632B47B3", "versionEndIncluding": "6.5.10", "versionStartIncluding": "6.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*", "matchCriteriaId": "D34127CC-68F5-4703-A5F6-5006F803E4AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*", "matchCriteriaId": "4AB8D555-648E-4F2F-98BD-3E7F45BD12A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*", "matchCriteriaId": "C64BDD9D-C663-4E75-AE06-356EDC392B82", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*", "matchCriteriaId": "26544390-88E4-41CA-98BF-7BB1E9D4E243", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "5283F553-3742-412C-8FBF-5C48E60E7F73", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "BDDE77B0-4959-484D-B7B5-815682FA0EA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "7AA287BA-AA71-4071-814E-FDBA6EAA3B8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "8939DBFF-1DFD-4F1D-B01F-75E0F10493A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "410F4BA6-C7AA-4235-BDF2-D9DDC3C155D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "5403B74F-D6F6-4B8E-8F5A-4468D15A47CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*", "matchCriteriaId": "E7C78D0A-C4A2-4D41-B726-8979E33AD0F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*", "matchCriteriaId": "E114E9DD-F7E1-40CC-AAD5-F14E586CB2E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de desreferencia de puntero nulo en la funcionalidad nft_inner.c de netfilter en el kernel de Linux. Este problema podr\u00eda permitir que un usuario local bloquee el sistema o aumente sus privilegios en el sistema."}], "id": "CVE-2023-5972", "lastModified": "2023-11-30T20:31:31.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-11-23T18:15:07.470", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-5972"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248189"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/505ce0630ad5d31185695f8a29dde8d29f28faa7"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/52177bbf19e6e9398375a148d2e13ed492b40b80"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "secalert@redhat.com", "type": "Secondary"}]}