CVE-2023-53179
📋 TL;DR
A missing macro in the Linux kernel's netfilter ipset module causes integer underflow when calculating array offsets, leading to slab out-of-bounds memory access. This vulnerability allows local attackers to potentially escalate privileges or crash the system. Systems running affected Linux kernel versions with netfilter ipset enabled are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to root, kernel panic causing system crash, or arbitrary code execution in kernel context.
Likely Case
Kernel panic leading to denial of service or local privilege escalation if combined with other vulnerabilities.
If Mitigated
Limited impact if proper access controls restrict local user accounts and ipset functionality is disabled.
🎯 Exploit Status
Requires local access and knowledge of ipset operations to trigger the vulnerable code path.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with commits 050d91c03b28ca479df13dfb02bcd2c60dd6a878 or other listed fixes
Vendor Advisory: https://git.kernel.org/stable/c/050d91c03b28ca479df13dfb02bcd2c60dd6a878
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable ipset module
linuxUnload the vulnerable netfilter ipset kernel module if not required
sudo rmmod ip_set_hash_netportnet
sudo rmmod ip_set
Blacklist ipset module
linuxPrevent ipset module from loading at boot
echo 'blacklist ip_set' | sudo tee /etc/modprobe.d/blacklist-ipset.conf
🧯 If You Can't Patch
- Restrict local user access to prevent exploitation
- Monitor system logs for kernel panic or unusual ipset activity
🔍 How to Verify
Check if Vulnerable:
Check if ip_set module is loaded: lsmod | grep ip_setCheck Version:
uname -rVerify Fix Applied:
Check kernel version against patched versions from your distribution's security advisories📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- Oops messages in dmesg
- Slab corruption warnings
Network Indicators:
- Unusual ipset configuration changes
SIEM Query:
Search for 'kernel panic', 'Oops', or 'slab' in system logs from hosts with ipset enabled🔗 References
- https://git.kernel.org/stable/c/050d91c03b28ca479df13dfb02bcd2c60dd6a878
- https://git.kernel.org/stable/c/109e830585e89a03d554bf8ad0e668630d0a6260
- https://git.kernel.org/stable/c/7935b636dd693dfe4483cfef4a1e91366c8103fa
- https://git.kernel.org/stable/c/7ca0706c68adadf86a36b60dca090f5e9481e808
- https://git.kernel.org/stable/c/83091f8ac03f118086596f17c9a52d31d6ca94b3
- https://git.kernel.org/stable/c/a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14
- https://git.kernel.org/stable/c/d59b6fc405549f7caf31f6aa5da1d6bef746b166
- https://git.kernel.org/stable/c/d95c8420efe684b964e3aa28108e9a354bcd7225
- https://git.kernel.org/stable/c/e632d09dffc68b9602d6893a99bfe3001d36cefc
