CVE-2023-54035 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix underflow in chain reference counter Set element addition error path decrements reference counter on chains twice: once on element release and again via nft_data_release(). Then, d6b478666ffa ("netfilter: nf_tables: fix underflow in object reference counter") incorrectly fixed this by removing the stateful object reference count decrement. Restore the stateful object decrement as in b91d90368837 ("netfilter: nf_tables: fix leaking object reference count") and let nft_data_release() decrement the chain reference counter, so this is done only once.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status

unaffected

35651fde1a7bb54dde0a46d35cd0d7136869ae86 (git) before b068314fd8ce751a7f906e55bb90f3551815f1a0

affected

628bd3e49cba1c066228e23d71a852c23e26da73 (git) before 9c959671abc7d4ffdf34eed10c64492d43cb6a3c

affected

628bd3e49cba1c066228e23d71a852c23e26da73 (git) before b389139f12f287b8ed2e2628b72df89a081f0b59

affected

bc9f791d2593f17e39f87c6e2b3a36549a3705b1 (git)

affected

3c7ec098e3b588434a8b07ea9b5b36f04cef1f50 (git)

affected

a136b7942ad2a50de708f76ea299ccb45ac7a7f9 (git)

affected

25aa2ad37c2162be1c0bc4fe6397f7e4c13f00f8 (git)

affected

d60be2da67d172aecf866302c91ea11533eca4d9 (git)

affected

dc7cdf8cbcbf8b13de1df93f356ec04cdeef5c41 (git)

affected

Default status

affected

6.4

affected

Any version before 6.4

unaffected

6.4.4 (semver)

unaffected

6.5 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/b068314fd8ce751a7f906e55bb90f3551815f1a0

git.kernel.org/...c/9c959671abc7d4ffdf34eed10c64492d43cb6a3c

git.kernel.org/...c/b389139f12f287b8ed2e2628b72df89a081f0b59

cve.org (CVE-2023-54035)

nvd.nist.gov (CVE-2023-54035)

Download JSON