CVE-2023-52927

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: allow exp not to be removed in nf_ct_find_expectation

Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenarios, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches.

This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.

POC

Reference

- https://seadragnol.github.io/posts/CVE-2023-52927/

GitHub

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/HoangNhoo/Reproduce-CVE-2023-52927

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/seadragnol/CVE-2023-52927

- https://github.com/seadragnol/nf_tables_pocs

- https://github.com/seadragnol/seadragnol

- https://github.com/w4zu/Debian_security