1217938 – (CVE-2023-6622) VUL-0: CVE-2023-6622: kernel: null pointer dereference vulnerability in nft_dynset_init()

Bug 1217938 (CVE-2023-6622) - VUL-0: CVE-2023-6622: kernel: null pointer dereference vulnerability in nft_dynset_init()

Summary: VUL-0: CVE-2023-6622: kernel: null pointer dereference vulnerability in nft_d...

Status:	RESOLVED FIXED

Alias:	CVE-2023-6622

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/387419/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-6622:5.5:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-12-11 10:47 UTC by SMASH SMASH
Modified:	2024-06-25 18:02 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SMASH SMASH 2023-12-11 10:47:33 UTC

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6622

Comment 1 Gabriele Sonnu 2023-12-11 10:51:02 UTC

Fixing commit:

https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea

Offending commit (48b0ae0) found in:

- SLE15-SP4
- SLE15-SP5
- SLE15-SP6
- stable

Comment 16 Maintenance Automation 2024-01-16 16:30:07 UTC

SUSE-SU-2024:0129-1: An update that solves 10 vulnerabilities, contains three features and has 31 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1193285, 1211162, 1211226, 1212584, 1214747, 1214823, 1215237, 1215696, 1215885, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218139, 1218184, 1218234, 1218253, 1218258, 1218335, 1218357, 1218447, 1218515, 1218559, 1218569, 1218659
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7322
Sources used:
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.65.1, kernel-source-rt-5.14.21-150400.15.65.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_17-1-150400.1.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 17 Maintenance Automation 2024-01-16 16:30:25 UTC

SUSE-SU-2024:0115-1: An update that solves 10 vulnerabilities, contains three features and has 40 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-source-rt-5.14.21-150500.13.30.1, kernel-livepatch-SLE15-SP5-RT_Update_9-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.30.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_9-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src): kernel-source-rt-5.14.21-150500.13.30.1, kernel-syms-rt-5.14.21-150500.13.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Maintenance Automation 2024-01-18 12:30:18 UTC

SUSE-SU-2024:0141-1: An update that solves 10 vulnerabilities, contains three features and has 41 security fixes can now be installed.

Category: security (important)
Bug References: 1108281, 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-azure-5.14.21-150500.33.29.1, kernel-source-azure-5.14.21-150500.33.29.1
Public Cloud Module 15-SP5 (src): kernel-syms-azure-5.14.21-150500.33.29.1, kernel-source-azure-5.14.21-150500.33.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Maintenance Automation 2024-01-18 20:30:09 UTC

SUSE-SU-2024:0160-1: An update that solves 10 vulnerabilities, contains three features and has 42 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1211162, 1211226, 1212139, 1212584, 1214117, 1214158, 1214747, 1214823, 1215237, 1215696, 1215885, 1215952, 1216032, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217822, 1217927, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218092, 1218139, 1218184, 1218229, 1218234, 1218253, 1218258, 1218335, 1218357, 1218397, 1218447, 1218461, 1218515, 1218559, 1218569, 1218643, 1218738
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7167
Sources used:
openSUSE Leap 15.5 (src): kernel-obs-build-5.14.21-150500.55.44.1, kernel-livepatch-SLE15-SP5_Update_9-1-150500.11.5.1, kernel-syms-5.14.21-150500.55.44.1, kernel-source-5.14.21-150500.55.44.1, kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2, kernel-obs-qa-5.14.21-150500.55.44.1
SUSE Linux Enterprise Micro 5.5 (src): kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2
Basesystem Module 15-SP5 (src): kernel-default-base-5.14.21-150500.55.44.1.150500.6.19.2, kernel-source-5.14.21-150500.55.44.1
Development Tools Module 15-SP5 (src): kernel-source-5.14.21-150500.55.44.1, kernel-obs-build-5.14.21-150500.55.44.1, kernel-syms-5.14.21-150500.55.44.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_9-1-150500.11.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Maintenance Automation 2024-01-18 20:30:27 UTC

SUSE-SU-2024:0156-1: An update that solves 10 vulnerabilities, contains three features and has 31 security fixes can now be installed.

Category: security (important)
Bug References: 1179610, 1183045, 1193285, 1211162, 1211226, 1212584, 1214747, 1214823, 1215237, 1215696, 1215885, 1216057, 1216559, 1216776, 1217036, 1217217, 1217250, 1217602, 1217692, 1217790, 1217801, 1217933, 1217938, 1217946, 1217947, 1217980, 1217981, 1217982, 1218056, 1218139, 1218184, 1218234, 1218253, 1218258, 1218335, 1218357, 1218447, 1218515, 1218559, 1218569, 1218659
CVE References: CVE-2020-26555, CVE-2023-51779, CVE-2023-6121, CVE-2023-6531, CVE-2023-6546, CVE-2023-6606, CVE-2023-6610, CVE-2023-6622, CVE-2023-6931, CVE-2023-6932
Jira References: PED-3459, PED-5021, PED-7322
Sources used:
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Real Time 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1
SUSE Manager Proxy 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
SUSE Manager Retail Branch Server 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
SUSE Manager Server 4.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1
openSUSE Leap 15.4 (src): kernel-obs-qa-5.14.21-150400.24.103.1, kernel-source-5.14.21-150400.24.103.1, kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-livepatch-SLE15-SP4_Update_22-1-150400.9.3.1, kernel-syms-5.14.21-150400.24.103.1
openSUSE Leap Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
openSUSE Leap Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_22-1-150400.9.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): kernel-obs-build-5.14.21-150400.24.103.1, kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1, kernel-source-5.14.21-150400.24.103.1, kernel-syms-5.14.21-150400.24.103.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Robert Frohl 2024-06-10 09:29:14 UTC

done, closing