PT-2023-8751 · Linux+6 · Linux Kernel+6

Pablo Neira Ayuso

Published

2023-09-20

Updated

2025-09-29

CVE-2023-52581

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a memory leak in the netfilter nf tables module when more than 255 elements expire. This causes the system to recycle the initial gc container structure and lose track of previous elements. The nft trans gc space() function always returns true, preventing the switch to a new gc container structure. This can impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Missing Release of Resource after Effective Lifetime

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-401

Related Identifiers

ALSA-2024:2394

ALSA-2024:2950

ALSA-2024:3138

ALSA-2024_2394

ALSA-2025_16880

BDU:2024-01803

CESA-2024_2950

CESA-2024_3138

CVE-2023-52581

INFSA-2024_2394

INFSA-2024_2950

INFSA-2024_3138

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

RHSA-2024:2394

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024_2394

RHSA-2024_2950

RHSA-2024_3138

RLSA-2024:2950

RLSA-2024:3138

SUSE-SU-2024:2010-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

Affected Products

Almalinux

Centos

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

PT-2023-8751 · Linux+6 · Linux Kernel+6

CVE-2023-52581

Weakness Enumeration

Related Identifiers

Affected Products

References · 1822