PT-2024-14667 · Linux+4 · Linux Kernel+4
Published: 2023-09-06 · Updated: 2025-09-29 · CVE-2023-52628
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux Kernel versions prior to 4.1 cycle and all versions after 4.1 cycle before the fix
Description
The issue is a stack-based buffer overflow in the netfilter component of the Linux kernel. If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array, leading to stack corruption. The write is there because a construct is needed to clear the remainder of the register when ->len is not a multiple of the register size. The bug was added in the 4.1 cycle and then copied or inherited when tcp/sctp and ip option support was added.
Recommendations
As a temporary workaround, consider disabling the nft exthdr function until a patch is available.
Restrict access to the vulnerable netfilter module to minimize the risk of exploitation.
Avoid using the priv->len variable in the affected code until the issue is resolved.
Update to a version of the Linux Kernel that includes the fix for the netfilter: nftables: exthdr: fix 4-byte stack OOB write issue.
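The stray write from the Description and the condition that removes it, as an added userspace model rather than the kernel's own code. The names copy_vulnerable, copy_fixed and canary_survives, and the canary layout, are hypothetical and chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REG32_SIZE 4u           /* bytes in one 32-bit register */
#define CANARY     0xA5A5A5A5u  /* stands in for adjacent stack data */

/* Pattern from the description: always zero the word at len / 4, then copy. */
static void copy_vulnerable(uint32_t *dst, const uint8_t *src, unsigned int len)
{
    dst[len / REG32_SIZE] = 0;  /* one word past the end when len % 4 == 0 */
    memcpy(dst, src, len);
}

/* Corrected form: zero the last word only when the copy leaves it partly filled. */
static void copy_fixed(uint32_t *dst, const uint8_t *src, unsigned int len)
{
    if (len % REG32_SIZE)
        dst[len / REG32_SIZE] = 0;
    memcpy(dst, src, len);
}

typedef void (*copy_fn)(uint32_t *, const uint8_t *, unsigned int);

/* Destination of ceil(len / 4) words followed by a canary word, all inside one
 * array so the stray write stays defined. Returns 1 if the canary survives,
 * 0 if it was overwritten, -1 if len is outside what this model covers. */
static int canary_survives(copy_fn copy, unsigned int len)
{
    uint32_t frame[5];          /* up to 4 destination words + canary */
    uint8_t src[16];
    unsigned int words = (len + REG32_SIZE - 1) / REG32_SIZE;

    if (len == 0 || len > sizeof(src))
        return -1;
    memset(src, 0x41, sizeof(src));     /* constructed sample payload */
    memset(frame, 0xFF, sizeof(frame));
    frame[words] = CANARY;
    copy(frame, src, len);
    return frame[words] == CANARY;
}

int main(void)
{
    for (unsigned int len = 5; len <= 8; len++)
        printf("len=%u vulnerable=%d fixed=%d\n", len,
               canary_survives(copy_vulnerable, len), canary_survives(copy_fixed, len));
    return 0;
}
```

Only lengths that are exact multiples of 4 clobber the canary in the vulnerable form, which matches the 4-byte out-of-bounds write named in the fix title.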
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Affected Products
Astra Linux
Linux Kernel
Red Hat
Red Os
Suse