CVE-2023-53179

Published: Sep 15, 2025Modified: Dec 2, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c The missing IP_SET_HASH_WITH_NET0 macro in ip_set_hash_netportnet can lead to the use of wrong `CIDR_POS(c)` for calculating array offsets, which can lead to integer underflow. As a result, it leads to slab out-of-bound access. This patch adds back the IP_SET_HASH_WITH_NET0 macro to ip_set_hash_netportnet to address the issue.

Affected (17)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.14.84 to 4.14.326
Linux Linux Kernel	From 4.19.5 to 4.19.295
Linux Linux Kernel	From 4.20.1 to 5.4.257
Linux Linux Kernel	From 4.4.165 to 4.5
Linux Linux Kernel	From 4.9.141 to 4.10
Linux Linux Kernel	From 5.11 to 5.15.132
Linux Linux Kernel	From 5.16 to 6.1.53
Linux Linux Kernel	From 5.5 to 5.10.195
Linux Linux Kernel	From 6.2 to 6.4.16
Linux Linux Kernel	From 6.5 to 6.5.3
Linux Linux Kernel	Version 4.20
Linux Linux Kernel	Version 4.20 rc2
Linux Linux Kernel	Version 4.20 rc3
Linux Linux Kernel	Version 4.20 rc4
Linux Linux Kernel	Version 4.20 rc5
Linux Linux Kernel	Version 4.20 rc6
Linux Linux Kernel	Version 4.20 rc7