Publish CVE-2023-52433

Allocated to 2ee52ae94baa ("netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction")

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

4 files changed, 154 insertions, 0 deletions

diff --git a/cve/reserved/2023/CVE-2023-52433 b/cve/published/2023/CVE-2023-52433
index e69de29b..e69de29b 100644
--- a/cve/reserved/2023/CVE-2023-52433
+++ b/cve/published/2023/CVE-2023-52433
diff --git a/cve/published/2023/CVE-2023-52433.json b/cve/published/2023/CVE-2023-52433.json
new file mode 100644
index 00000000..74064781
--- /dev/null
+++ b/cve/published/2023/CVE-2023-52433.json
@@ -0,0 +1,88 @@
+{
+   "containers": {
+      "cna": {
+         "providerMetadata": {
+            "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
+         },
+         "descriptions": [
+            {
+               "lang": "en",
+               "value": "netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction\n\nNew elements in this transaction might expired before such transaction\nends. Skip sync GC for such elements otherwise commit path might walk\nover an already released object. Once transaction is finished, async GC\nwill collect such expired element."
+            }
+         ],
+         "affected": [
+            {
+               "product": "Linux",
+               "vendor": "Linux",
+               "defaultStatus": "unaffected",
+               "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
+               "versions": [
+                  {
+                     "version": "f6c383b8c31a",
+                     "lessThan": "e3213ff99a35",
+                     "status": "affected",
+                     "versionType": "git"
+                  },
+                  {
+                     "version": "f6c383b8c31a",
+                     "lessThan": "2ee52ae94baa",
+                     "status": "affected",
+                     "versionType": "git"
+                  }
+               ]
+            },
+            {
+               "product": "Linux",
+               "vendor": "Linux",
+               "defaultStatus": "affected",
+               "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
+               "versions": [
+                  {
+                     "version": "6.5",
+                     "status": "affected"
+                  },
+                  {
+                     "version": "0",
+                     "lessThan": "6.5",
+                     "status": "unaffected",
+                     "versionType": "custom"
+                  },
+                  {
+                     "version": "6.5.4",
+                     "lessThanOrEqual": "6.5.*",
+                     "status": "unaffected",
+                     "versionType": "custom"
+                  },
+                  {
+                     "version": "6.6",
+                     "lessThanOrEqual": "*",
+                     "status": "unaffected",
+                     "versionType": "original_commit_for_fix"
+                  }
+               ]
+            }
+         ],
+         "references": [
+            {
+               "url": "https://git.kernel.org/stable/c/e3213ff99a35"
+            },
+            {
+               "url": "https://git.kernel.org/stable/c/2ee52ae94baa"
+            }
+         ],
+         "title": "netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction",
+         "x_generator": {
+            "engine": "bippy-c4875b56942e"
+         }
+      }
+   },
+   "cveMetadata": {
+      "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
+      "cveID": "CVE-2023-52433",
+      "requesterUserId": "gregkh@linuxfoundation.org",
+      "serial": "1",
+      "state": "PUBLISHED"
+   },
+   "dataType": "CVE_RECORD",
+   "dataVersion": "5.0"
+}
diff --git a/cve/published/2023/CVE-2023-52433.mbox b/cve/published/2023/CVE-2023-52433.mbox
new file mode 100644
index 00000000..20d2dab9
--- /dev/null
+++ b/cve/published/2023/CVE-2023-52433.mbox
@@ -0,0 +1,65 @@
+From bippy-c4875b56942e Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+To: <linux-cve-announce@vger.kernel.org>
+Reply-to: <cve@kernel.org>
+Subject: CVE-2023-52433: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
+Message-Id: <2024022058-outsell-equator-e1c5@gregkh>
+Content-Length: 1747
+Lines: 48
+X-Developer-Signature: v=1; a=openpgp-sha256; l=1796;
+ i=gregkh@linuxfoundation.org; h=from:subject:message-id;
+ bh=nRsk0B7+ayNFbX8BtXX6WxiRJj04TALho86h1XWQBcg=;
+ b=owGbwMvMwCRo6H6F97bub03G02pJDKlXFjzTunvlzZFAtjX7gtSUZXdk7IyJeHVt6qS7u29oh
+ nRK7ZVf3hHLwiDIxCArpsjyZRvP0f0VhxS9DG1Pw8xhZQIZwsDFKQATcU9nmCs7e19N98bQ1iNr
+ bi4+dfX7xqfJRzsZ5odyLMr75J19bYVU+FrbC9t9FVVypAE=
+X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp;
+ fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29
+
+Description
+===========
+
+netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
+
+New elements in this transaction might expired before such transaction
+ends. Skip sync GC for such elements otherwise commit path might walk
+over an already released object. Once transaction is finished, async GC
+will collect such expired element.
+
+The Linux kernel CVE team has assigned CVE-2023-52433 to this issue.
+
+
+Affected and fixed versions
+===========================
+
+	Issue introduced in 6.5 with commit f6c383b8c31a and fixed in 6.5.4 with commit e3213ff99a35
+	Issue introduced in 6.5 with commit f6c383b8c31a and fixed in 6.6 with commit 2ee52ae94baa
+
+Please see https://www.kernel.org or a full list of currently supported
+kernel versions by the kernel community.
+
+Unaffected versions might change over time as fixes are backported to
+older supported kernel versions.  The official CVE entry at
+	https://cve.org/CVERecord/?id=CVE-2023-52433
+will be updated if fixes are backported, please check that for the most
+up to date information about this issue.
+
+
+Affected files
+==============
+
+The file(s) affected by this issue are:
+	net/netfilter/nft_set_rbtree.c
+
+
+Mitigation
+==========
+
+The Linux kernel CVE team recommends that you update to the latest
+stable kernel version for this, and many other bugfixes.  Individual
+changes are never tested alone, but rather are part of a larger kernel
+release.  Cherry-picking individual commits is not recommended or
+supported by the Linux kernel community at all.  If however, updating to
+the latest release is impossible, the individual changes to resolve this
+issue can be found at these commits:
+	https://git.kernel.org/stable/c/e3213ff99a35
+	https://git.kernel.org/stable/c/2ee52ae94baa
diff --git a/cve/published/2023/CVE-2023-52433.sha1 b/cve/published/2023/CVE-2023-52433.sha1
new file mode 100644
index 00000000..d1d72605
--- /dev/null
+++ b/cve/published/2023/CVE-2023-52433.sha1
@@ -0,0 +1 @@
+2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4