CVE Vulnerabilities

CVE-2023-5972

NULL Pointer Dereference

Published: Nov 23, 2023 | Modified: Nov 30, 2023
CVSS 3.x: 7.8 HIGH (Source: NVD)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | 6.2.1 (including) | 6.5.10 (including) |
| Linux_kernel | Linux | 6.2-rc1 (including) | 6.2-rc1 (including) |
| Linux_kernel | Linux | 6.2-rc2 (including) | 6.2-rc2 (including) |
| Linux_kernel | Linux | 6.2-rc3 (including) | 6.2-rc3 (including) |
| Linux_kernel | Linux | 6.2-rc4 (including) | 6.2-rc4 (including) |
| Linux_kernel | Linux | 6.2-rc5 (including) | 6.2-rc5 (including) |
| Linux_kernel | Linux | 6.2-rc6 (including) | 6.2-rc6 (including) |
| Linux_kernel | Linux | 6.2-rc7 (including) | 6.2-rc7 (including) |
| Linux_kernel | Linux | 6.2-rc8 (including) | 6.2-rc8 (including) |
| Linux_kernel | Linux | 6.2.0-rc1 (including) | 6.2.0-rc1 (including) |
| Linux_kernel | Linux | 6.2.0-rc2 (including) | 6.2.0-rc2 (including) |
| Linux_kernel | Linux | 6.2.0-rc3 (including) | 6.2.0-rc3 (including) |
| Linux_kernel | Linux | 6.2.0-rc4 (including) | 6.2.0-rc4 (including) |
| Linux_kernel | Linux | 6.2.0-rc5 (including) | 6.2.0-rc5 (including) |
| Linux_kernel | Linux | 6.2.0-rc6 (including) | 6.2.0-rc6 (including) |
| Linux_kernel | Linux | 6.6-rc1 (including) | 6.6-rc1 (including) |
| Linux_kernel | Linux | 6.6-rc2 (including) | 6.6-rc2 (including) |
| Linux_kernel | Linux | 6.6-rc3 (including) | 6.6-rc3 (including) |
| Linux_kernel | Linux | 6.6-rc4 (including) | 6.6-rc4 (including) |
| Linux_kernel | Linux | 6.6-rc5 (including) | 6.6-rc5 (including) |
| Linux_kernel | Linux | 6.6-rc6 (including) | 6.6-rc6 (including) |

Potential Mitigations

References