CVE-2023-53200— netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-53200
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +-< __alloc_percpu +-< xt_percpu_counter_alloc +-< find_check_entry # {arp,ip,ip6}_tables.c +-< translate_table And it can be leaked on this code path: +-> ip6t_register_table +-> translate_table # allocates percpu counter block +-> xt_register_table # fails there is no freeing of the counter block on xt_register_table fail. Note: xt_percpu_counter_free should be called to free it like we do in do_replace through cleanup_entry helper (or in __ip6t_unregister_table). Probability of hitting this error path is low AFAICS (xt_register_table can only return ENOMEM here, as it is not replacing anything, as we are creating new netns, and it is hard to imagine that all previous allocations succeeded and after that one in xt_register_table failed). But it's worth fixing even the rare leak.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于在创建新网络命名空间时错误路径上未释放percpu计数器块,可能导致内存泄漏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2023-53200
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-53200
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-09-15 · 210 CVEs total
| CVE-2022-50293 | btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range | |
| CVE-2023-53232 | mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data | |
| CVE-2023-53233 | net/smc: fix deadlock triggered by cancel_delayed_work_syn() | |
| CVE-2023-53234 | watchdog: Fix kmemleak in watchdog_cdev_register | |
| CVE-2023-53235 | drm/tests: helpers: Avoid a driver uaf | |
| CVE-2023-53236 | iommufd: Do not corrupt the pfn list when doing batch carry | |
| CVE-2023-53237 | drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini | |
| CVE-2023-53238 | phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() | |
| CVE-2023-53239 | drm/msm/mdp5: Add check for kzalloc | |
| CVE-2023-53240 | xsk: check IFF_UP earlier in Tx path | |
| CVE-2023-53241 | nfsd: call op_release, even when op_func returns an error | |
| CVE-2023-53242 | thermal/drivers/hisi: Drop second sensor hi3660 | |
| CVE-2022-50291 | kcm: annotate data-races around kcm->rx_psock | |
| CVE-2022-50292 | drm/msm/dp: fix bridge lifetime | |
| CVE-2022-50303 | drm/amdkfd: Fix double release compute pasid | |
| CVE-2022-50300 | btrfs: fix extent map use-after-free when handling missing device in read_one_chunk | |
| CVE-2022-50301 | iommu/omap: Fix buffer overflow in debugfs | |
| CVE-2022-50302 | lockd: set other missing fields when unlocking files | |
| CVE-2022-50299 | md: Replace snprintf with scnprintf | |
| CVE-2022-50304 | mtd: core: fix possible resource leak in init_mtd() |
Showing top 20 of 210 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2023-53200
No comments yet