PT-2025-5681 · Linux+3 · Linux Kernel+3

Published

2023-08-09

·

Updated

2025-08-29

·

CVE-2023-52924

CVSS v2.0

7.5

High

VectorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: The issue is related to an asymmetry between commit/abort and preparation phase in the Linux kernel's netfilter nf tables. This occurs when a set is a verdict map and timeouts are enabled. A problematic sequence can happen when an element in a set refers to a chain, and the set is removed. If the element has already expired, it will be ignored during the list walk, resulting in a leaked chain use count and a potential WARN splat when the chain is removed later. The nf tables set elem destroy() function is only safe for elements that have been deactivated earlier from the preparation phase. Updating pipapo get() to not skip expired elements resolves the issue.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-664

Related Identifiers

BDU:2025-06576
CVE-2023-52924
OESA-2025-2081
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0855-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:02264-1
SUSE-SU-2025:02321-1
SUSE-SU-2025:02322-1
SUSE-SU-2025:02537-1
SUSE-SU-2025:0784-1
SUSE-SU-2025:0834-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0855-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0867-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:2264-1
SUSE-SU-2025_02264-1
SUSE-SU-2025_02537-1
SUSE-SU-2025_0834-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0855-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse