CVE-2023-52620

low-risk
Published 2024-03-21

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.5/10 Low
LOCAL / HIGH complexity

Affected Products (8)

Affected Vendors

Linux

References (14)

Patch https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e
Patch https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c
Patch https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268
Patch https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323
Patch https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b
Patch https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab
Patch https://git.kernel.org/stable/c/00b19ee0dcc1aef06294471ab489bae26d94524e
Patch https://git.kernel.org/stable/c/116b0e8e4673a5faa8a739a19b467010c4d3058c
Patch https://git.kernel.org/stable/c/49ce99ae43314d887153e07cec8bb6a647a19268
Patch https://git.kernel.org/stable/c/6f3ae02bbb62f151b19162d5fdc9fe3d48450323
Patch https://git.kernel.org/stable/c/b7be6c737a179a76901c872f6b4c1d00552d9a1b
Patch https://git.kernel.org/stable/c/e26d3009efda338f19016df4175f354a9bd0a4ab
Third Party Advisory https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
20
/ 100
low-risk
Severity 6/34 · Minimal
Exploitability 0/34 · Minimal
Exposure 14/34 · Moderate