CVE-2023-52628

netfilter: nftables: exthdr: fix 4-byte stack OOB write

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write If priv->len is a multiple of 4, then dst[len / 4] can write past the destination array which leads to stack corruption. This construct is necessary to clean the remainder of the register in case ->len is NOT a multiple of the register size, so make it conditional just like nft_payload.c does. The bug was added in 4.1 cycle and then copied/inherited when tcp/sctp and ip option support was added. Bug reported by Zero Day Initiative project (ZDI-CAN-21950, ZDI-CAN-21951, ZDI-CAN-21961).

Category

7.1
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/28a97c43c9e32f437ebb8d6126f9bb7f3ca9521a patch
https://git.kernel.org/stable/c/cf39c4f77a773a547ac2bcf30ecdd303bb0c80cb patch
https://git.kernel.org/stable/c/a7d86a77c33ba1c357a7504341172cc1507f0698 patch
https://git.kernel.org/stable/c/1ad7b189cc1411048434e8595ffcbe7873b71082 patch
https://git.kernel.org/stable/c/d9ebfc0f21377690837ebbd119e679243e0099cc patch
https://git.kernel.org/stable/c/c8f292322ff16b9a2272a67de396c09a50e09dce patch
https://git.kernel.org/stable/c/fd94d9dadee58e09b49075240fe83423eb1dcd36 patch

Frequently Asked Questions

What is the severity of CVE-2023-52628?
CVE-2023-52628 has been scored as a high severity vulnerability.
How to fix CVE-2023-52628?
To fix CVE-2023-52628, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52628 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52628 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52628?
CVE-2023-52628 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.