Login Sign Up

CVE-2023-53566

5.5 MEDIUM
Denial of Service

📋 TL;DR

A null pointer dereference vulnerability in the Linux kernel's netfilter nft_set_rbtree component can cause kernel crashes or potential privilege escalation. This affects Linux systems using nftables firewall functionality. Attackers with local access could trigger this to crash the system or potentially execute arbitrary code.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches available for multiple stable branches
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when nftables firewall subsystem is enabled and in use

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash, or potential privilege escalation to root if combined with other vulnerabilities

🟠

Likely Case

Denial of service through kernel crash or system instability

🟢

If Mitigated

Limited impact if nftables is not in use or proper access controls prevent local user exploitation

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability causing system instability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to interact with nftables subsystem

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes available (see references)

Vendor Advisory: https://git.kernel.org/stable/c/3fa13203b6d90cc3a33af47b058739f92ab82eef

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable nftables

linux

Disable nftables firewall subsystem if not required

sudo systemctl stop nftables
sudo systemctl disable nftables

🧯 If You Can't Patch

  • Restrict local user access to prevent unauthorized users from interacting with nftables
  • Monitor system logs for kernel panic or crash events related to netfilter

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if nftables is enabled: 'uname -r' and 'systemctl status nftables'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version and system remains stable during nftables operations

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • null pointer dereference errors in kernel logs
  • system crash/reboot events

Network Indicators:

  • None - local exploitation only

SIEM Query:

source="kernel" AND ("null-ptr-deref" OR "general protection fault" OR "KASAN: null-ptr-deref")

📊 Metadata

CVE ID: CVE-2023-53566
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-476
EPSS Score: 0.02% exploit probability (5.5th percentile)
Published: October 4, 2025
Last Updated: February 6, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53566, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)
CVE-2023-47003 9.8

A NULL pointer dereference vulnerability in RedisGraph allows attackers to execute arbitrary code or...

Same vulnerability type (CWE-476)