CVE-2023-52927

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52927

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52927.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-52927

Downstream

BELL-CVE-2023-52927

DEBIAN-CVE-2023-52927

DLA-4193-1

DSA-5900-1

SUSE-SU-2025:01919-1

SUSE-SU-2025:01951-1

SUSE-SU-2025:01967-1

SUSE-SU-2025:02848-1

SUSE-SU-2025:02849-1

SUSE-SU-2025:02850-1

SUSE-SU-2025:02851-1

SUSE-SU-2025:02852-1

SUSE-SU-2025:1177-1

SUSE-SU-2025:1178-1

SUSE-SU-2025:1180-1

Related

Published

2025-03-14T15:15:39Z

Modified

2025-08-19T17:15:31Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: allow exp not to be removed in nfctfind_expectation

Currently nfconntrackin() calling nfctfind_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches.

This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.

References

Affected packages