CVE-2023-42753

Kernel: netfilter: potential slab-out-of-bound access due to integer underflow

Published: 9/25/2023 Last updated: 11/6/2025 Reserved: 9/13/2023

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 7 | High | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (56)

| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 6 | Red Hat | 15.1(3)SVF1 |
| Red Hat Enterprise Linux 7 | Red Hat | 12.2(33)SXI2 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | 12.2(33)SXI4 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | Red Hat | n/a |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | < 4.1 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | 12.2(33)SXI |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | <= 5.17.* |
| Red Hat Enterprise Linux 8.8 Extended Update Support | Red Hat | < prior to 3.0.0.17 |
| Red Hat Enterprise Linux 9 | Red Hat | <= 5.18.* |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | <= * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | 12.2(33)SXI8 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | Red Hat | <= 1.1.10 |
| Red Hat Enterprise Linux 6 | Red Hat | 12.2(33)SXI8a |
| Red Hat Enterprise Linux 7 | Red Hat | < 12.5 |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | Red Hat | 15.2(1)SY3 |
| Red Hat Enterprise Linux 8 | Red Hat | 10.0.0.5 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | Red Hat | 7.1 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | 15.2(1)SY4 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | 3.17.2S |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | Red Hat | < 11.6 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | 15.2(1)SY5 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | 3.17.3S |
| Red Hat Enterprise Linux 9 | Red Hat | n/a |
| Red Hat Enterprise Linux 9 | Red Hat | <= 6.0.20 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 15.2(1)SY8 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | 16.1.3 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | Red Hat | 16.2.1 |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | Red Hat | 12.2(33)SXI3 |
| Red Hat Enterprise Linux 8 | Red Hat | 12.2(33)SXI5 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | Red Hat | 12.2(33)SXI4a |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | n/a |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | n/a |
| Red Hat Enterprise Linux 7 | Red Hat | 3.17.0S |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 16.1.2 |
| Red Hat Enterprise Linux 8 | Red Hat | n/a |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | 15.1(3)SVF |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | Red Hat | 19.10 |
| Red Hat Enterprise Linux 7 | Red Hat | 3.2.1.Final |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 12.2(33)SXI1 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | 12.2(33)SXI2a |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | Red Hat | 15.2(2)SY3 |
| Red Hat Enterprise Linux 9 | Red Hat | 12.2(33)SXI10 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | Cisco IOS XE |
| Red Hat Enterprise Linux 9 | Red Hat | <= 4.9.8 |
| Red Hat Enterprise Linux 7 | Red Hat | < 12662d19467b391b5b509ac5e9ab4f583c6dde16 |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | 12.2(33)SXI9 |
| Red Hat Enterprise Linux 8 | Red Hat | < 132 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | Red Hat | 4.1 |
| Red Hat Enterprise Linux 7 | Red Hat | 7.0 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | 1.0.0-B20230714.1105 |
| Red Hat Enterprise Linux 8 | Red Hat | 3.17.1S |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | Red Hat | <= 5.15.* |
| Red Hat Enterprise Linux 8.6 Extended Update Support | Red Hat | 12.2(33)SXI6 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | Red Hat | 15.2(1)SY7 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | Red Hat | 12.2(33)SXI7 |
| Red Hat Enterprise Linux 9.0 Extended Update Support | Red Hat | 15.2(5)EX |

References (120)