QID 356606

2023-10-31:( CVE-2023-45871 was added to this advisory. 2023-10-12:( CVE-2023-39192 was added to this advisory. 2023-10-12:( CVE-2023-39193 was added to this advisory. 2023-10-12:( CVE-2023-39194 was added to this advisory. a flaw was found in the linux kernels ip framework for transforming packets (xfrm subsystem).
This issue may allow a malicious user with cap_net_admin privileges to directly dereference a null pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service. (
( CVE-2023-3772) netfilter: xt_u32: validate user space input note: https://www.zerodayinitiative.com/advisories/zdi-23-1490/ note: https://git.kernel.org/linus/69c5d284f67089b4750d28ff6ac6f52ec224b330 (6.6-rc1) (cve-2023-39192) netfilter: xt_sctp: validate the flag_info count note: https://www.zerodayinitiative.com/advisories/zdi-23-1491/ note: https://git.kernel.org/linus/e99476497687ef9e850748fe6d232264f30bc8f9 (6.6-rc1) (cve-2023-39193) net: xfrm: fix xfrm_address_filter oob read note: https://www.zerodayinitiative.com/advisories/zdi-23-1492/ note: https://git.kernel.org/linus/dfa73c17d55b921e1d4e154976de35317e43a93a (6.5-rc7) (cve-2023-39194) the upstream commit describes this issue as follows: the missing ip_set_hash_with_net0 macro in ip_set_hash_netportnet can lead to the use of wrong `cidr_pos(c)` for calculating array offsets, which can lead to integer underflow.
As a result, it leads to slab out-of-bound access. (

Successful exploitation of this vulnerability could lead to a securitybreach or could affect integrity, availability, and confidentiality.