Unrated severityNVD Advisory· Published Sep 28, 2023· Updated Nov 6, 2025
Kernel: netfilter: race condition between ipset_cmd_add and ipset_cmd_swap
CVE-2023-42756
Description
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of __ip_set_put on a wrong set. This issue may allow a local user to crash the system.
Affected products
77cpe:/a:redhat:enterprise_linux:9::crb+ 4 more
- cpe:/a:redhat:enterprise_linux:9::crbrange: 0:5.14.0-427.13.1.el9_4
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
- osv-coords72 versionspkg:deb/ubuntu/linux@6.5.0-10.10?arch=source&distro=manticpkg:deb/ubuntu/linux-aws@6.5.0-1009.9?arch=source&distro=manticpkg:deb/ubuntu/linux-azure@6.5.0-1008.8?arch=source&distro=manticpkg:deb/ubuntu/linux-gcp@6.5.0-1008.8?arch=source&distro=manticpkg:deb/ubuntu/linux-laptop@6.5.0-1005.8?arch=source&distro=manticpkg:deb/ubuntu/linux-lowlatency@6.5.0-10.10.1?arch=source&distro=manticpkg:deb/ubuntu/linux-oracle@6.5.0-1011.11?arch=source&distro=manticpkg:deb/ubuntu/linux-raspi@6.5.0-1006.8?arch=source&distro=manticpkg:deb/ubuntu/linux-starfive@6.5.0-1003.4?arch=source&distro=manticpkg:rpm/almalinux/bpftoolpkg:rpm/almalinux/kernelpkg:rpm/almalinux/kernel-64kpkg:rpm/almalinux/kernel-64k-corepkg:rpm/almalinux/kernel-64k-debugpkg:rpm/almalinux/kernel-64k-debug-corepkg:rpm/almalinux/kernel-64k-debug-develpkg:rpm/almalinux/kernel-64k-debug-devel-matchedpkg:rpm/almalinux/kernel-64k-debug-modulespkg:rpm/almalinux/kernel-64k-debug-modules-corepkg:rpm/almalinux/kernel-64k-debug-modules-extrapkg:rpm/almalinux/kernel-64k-develpkg:rpm/almalinux/kernel-64k-devel-matchedpkg:rpm/almalinux/kernel-64k-modulespkg:rpm/almalinux/kernel-64k-modules-corepkg:rpm/almalinux/kernel-64k-modules-extrapkg:rpm/almalinux/kernel-abi-stablelistspkg:rpm/almalinux/kernel-corepkg:rpm/almalinux/kernel-cross-headerspkg:rpm/almalinux/kernel-debugpkg:rpm/almalinux/kernel-debug-corepkg:rpm/almalinux/kernel-debug-develpkg:rpm/almalinux/kernel-debug-devel-matchedpkg:rpm/almalinux/kernel-debug-modulespkg:rpm/almalinux/kernel-debug-modules-corepkg:rpm/almalinux/kernel-debug-modules-extrapkg:rpm/almalinux/kernel-debug-uki-virtpkg:rpm/almalinux/kernel-develpkg:rpm/almalinux/kernel-devel-matchedpkg:rpm/almalinux/kernel-docpkg:rpm/almalinux/kernel-headerspkg:rpm/almalinux/kernel-modulespkg:rpm/almalinux/kernel-modules-corepkg:rpm/almalinux/kernel-modules-extrapkg:rpm/almalinux/kernel-rtpkg:rpm/almalinux/kernel-rt-corepkg:rpm/almalinux/kernel-rt-debugpkg:rpm/almalinux/kernel-rt-debug-corepkg:rpm/almalinux/kernel-rt-debug-develpkg:rpm/almalinux/kernel-rt-debug-modulespkg:rpm/almalinux/kernel-rt-debug-modules-corepkg:rpm/almalinux/kernel-rt-debug-modules-extrapkg:rpm/almalinux/kernel-rt-develpkg:rpm/almalinux/kernel-rt-modulespkg:rpm/almalinux/kernel-rt-modules-corepkg:rpm/almalinux/kernel-rt-modules-extrapkg:rpm/almalinux/kernel-toolspkg:rpm/almalinux/kernel-tools-libspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/almalinux/kernel-uki-virtpkg:rpm/almalinux/kernel-zfcpdumppkg:rpm/almalinux/kernel-zfcpdump-corepkg:rpm/almalinux/kernel-zfcpdump-develpkg:rpm/almalinux/kernel-zfcpdump-devel-matchedpkg:rpm/almalinux/kernel-zfcpdump-modulespkg:rpm/almalinux/kernel-zfcpdump-modules-corepkg:rpm/almalinux/kernel-zfcpdump-modules-extrapkg:rpm/almalinux/libperfpkg:rpm/almalinux/perfpkg:rpm/almalinux/python3-perfpkg:rpm/almalinux/rtlapkg:rpm/almalinux/rvpkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
< 6.5.0-10.10+ 71 more
- (no CPE)range: < 6.5.0-10.10
- (no CPE)range: < 6.5.0-1009.9
- (no CPE)range: < 6.5.0-1008.8
- (no CPE)range: < 6.5.0-1008.8
- (no CPE)range: < 6.5.0-1005.8
- (no CPE)range: < 6.5.0-10.10.1
- (no CPE)range: < 6.5.0-1011.11
- (no CPE)range: < 6.5.0-1006.8
- (no CPE)range: < 6.5.0-1003.4
- (no CPE)range: < 7.3.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 5.14.0-427.13.1.el9_4
- (no CPE)range: < 6.5.6-1.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- access.redhat.com/errata/RHSA-2024:2394mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/security/cve/CVE-2023-42756mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- seclists.org/oss-sec/2023/q3/242mitre
News mentions
0No linked articles in our index yet.