CVE-2023-52977 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 (size 632): comm "syz-executor231", pid 1090, jiffies 4294844701 (age 18.871s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline] [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77 [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957 [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739 [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800 [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515 [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339 [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934 [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline] [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671 [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356 [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410 [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439 [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6 To fix this the patch rearranges the goto labels to reflect the order of object allocations and adds appropriate goto statements on the error paths. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-0:4.18.0-513.5.1.el8_9	cpe:/o:redhat:enterprise_linux:8	RHSA-2023:7077	2023-11-14T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-362.8.1.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:6583	2023-11-07T00:00:00Z
kernel-0:5.14.0-362.8.1.el9_3	cpe:/o:redhat:enterprise_linux:9	RHSA-2023:6583	2023-11-07T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30
https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee
https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d
https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b
https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386
https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb
https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf
https://lore.kernel.org/linux-cve-announce/2025032704-CVE-2023-52977-f91d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52977
https://www.cve.org/CVERecord?id=CVE-2023-52977

History

Wed, 01 Oct 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 16 Apr 2025 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux

Tue, 15 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Fri, 11 Apr 2025 03:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`	cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}` threat_severity `Moderate`

Fri, 28 Mar 2025 13:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025032704-CVE-2023-52977-f91d@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-52977 https://www.cve.org/CVERecord?id=CVE-2023-52977
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Thu, 27 Mar 2025 17:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new Syzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 (size 632): comm "syz-executor231", pid 1090, jiffies 4294844701 (age 18.871s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline] [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77 [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957 [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739 [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800 [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515 [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline] [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339 [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934 [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline] [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671 [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356 [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410 [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439 [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6 To fix this the patch rearranges the goto labels to reflect the order of object allocations and adds appropriate goto statements on the error paths. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
Title		net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
References		https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30 https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386 https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-03-27T16:43:17.234Z

Updated: 2025-10-01T17:21:59.721Z

Reserved: 2025-03-27T16:40:15.738Z

Link: CVE-2023-52977

Vulnrichment

Updated: 2025-10-01T14:36:09.016Z

NVD

Status : Modified

Published: 2025-03-27T17:15:44.793

Modified: 2025-10-01T18:15:34.343

Link: CVE-2023-52977

Redhat

Severity : Moderate

Publid Date: 2025-03-27T00:00:00Z

Links: CVE-2023-52977 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52977", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-03-27T16:40:15.738Z", "datePublished": "2025-03-27T16:43:17.234Z", "dateUpdated": "2025-10-01T17:21:59.721Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:58.492Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\n\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\n\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\n comm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline]\n [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671\n [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/openvswitch/datapath.c"], "versions": [{"version": "655e873bf528f0f46ce6b069f9a2daee9621197c", "lessThan": "1ac653cf886cdfc082708c82dc6ac6115cebd2ee", "status": "affected", "versionType": "git"}, {"version": "ee27d70556a47c3a07e65a60f47e3ea12a255af8", "lessThan": "af4e720bc00a2653f7b9df21755b9978b3d7f386", "status": "affected", "versionType": "git"}, {"version": "8b74211bf60b3e0c0ed4fe3d16c92ffdcaaf34eb", "lessThan": "ed6c5e8caf55778500202775167e8ccdb1a030cb", "status": "affected", "versionType": "git"}, {"version": "6736b61ecf230dd656464de0f514bdeadb384f20", "lessThan": "70154489f531587996f3e9d7cceeee65cff0001d", "status": "affected", "versionType": "git"}, {"version": "0133615a06007684df648feb9d327714e399afd4", "lessThan": "f423c2efd51d7eb1d143c2be7eea233241d9bbbf", "status": "affected", "versionType": "git"}, {"version": "32d5fa5bdccec2361fc6c4ed05a7367155b3a1e9", "lessThan": "70d40674a549d498bd63d5432acf46205da1534b", "status": "affected", "versionType": "git"}, {"version": "68bb10101e6b0a6bb44e9c908ef795fc4af99eae", "lessThan": "0c598aed445eb45b0ee7ba405f7ece99ee349c30", "status": "affected", "versionType": "git"}, {"version": "4f592e712ea2132f511d545954867d7880df5be2", "status": "affected", "versionType": "git"}, {"version": "a991a411c3e21ef22507400dbb179ae02029d42c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/openvswitch/datapath.c"], "versions": [{"version": "4.14.303", "lessThan": "4.14.306", "status": "affected", "versionType": "semver"}, {"version": "4.19.270", "lessThan": "4.19.273", "status": "affected", "versionType": "semver"}, {"version": "5.4.229", "lessThan": "5.4.232", "status": "affected", "versionType": "semver"}, {"version": "5.10.163", "lessThan": "5.10.168", "status": "affected", "versionType": "semver"}, {"version": "5.15.86", "lessThan": "5.15.93", "status": "affected", "versionType": "semver"}, {"version": "6.1.2", "lessThan": "6.1.11", "status": "affected", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.303", "versionEndExcluding": "4.14.306"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.270", "versionEndExcluding": "4.19.273"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.229", "versionEndExcluding": "5.4.232"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.163", "versionEndExcluding": "5.10.168"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.86", "versionEndExcluding": "5.15.93"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.2", "versionEndExcluding": "6.1.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9.337"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee"}, {"url": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386"}, {"url": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb"}, {"url": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d"}, {"url": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf"}, {"url": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b"}, {"url": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30"}], "title": "net: openvswitch: fix flow memory leak in ovs_flow_cmd_new", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-401", "lang": "en", "description": "CWE-401 Missing Release of Memory after Effective Lifetime"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-10-01T17:21:57.463878Z", "id": "CVE-2023-52977", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T17:21:59.721Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-52977", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-01T17:21:57.463878Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-01T14:36:09.016Z"}}], "cna": {"title": "net: openvswitch: fix flow memory leak in ovs_flow_cmd_new", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "655e873bf528f0f46ce6b069f9a2daee9621197c", "lessThan": "1ac653cf886cdfc082708c82dc6ac6115cebd2ee", "versionType": "git"}, {"status": "affected", "version": "ee27d70556a47c3a07e65a60f47e3ea12a255af8", "lessThan": "af4e720bc00a2653f7b9df21755b9978b3d7f386", "versionType": "git"}, {"status": "affected", "version": "8b74211bf60b3e0c0ed4fe3d16c92ffdcaaf34eb", "lessThan": "ed6c5e8caf55778500202775167e8ccdb1a030cb", "versionType": "git"}, {"status": "affected", "version": "6736b61ecf230dd656464de0f514bdeadb384f20", "lessThan": "70154489f531587996f3e9d7cceeee65cff0001d", "versionType": "git"}, {"status": "affected", "version": "0133615a06007684df648feb9d327714e399afd4", "lessThan": "f423c2efd51d7eb1d143c2be7eea233241d9bbbf", "versionType": "git"}, {"status": "affected", "version": "32d5fa5bdccec2361fc6c4ed05a7367155b3a1e9", "lessThan": "70d40674a549d498bd63d5432acf46205da1534b", "versionType": "git"}, {"status": "affected", "version": "68bb10101e6b0a6bb44e9c908ef795fc4af99eae", "lessThan": "0c598aed445eb45b0ee7ba405f7ece99ee349c30", "versionType": "git"}, {"status": "affected", "version": "4f592e712ea2132f511d545954867d7880df5be2", "versionType": "git"}, {"status": "affected", "version": "a991a411c3e21ef22507400dbb179ae02029d42c", "versionType": "git"}], "programFiles": ["net/openvswitch/datapath.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.14.303", "lessThan": "4.14.306", "versionType": "semver"}, {"status": "affected", "version": "4.19.270", "lessThan": "4.19.273", "versionType": "semver"}, {"status": "affected", "version": "5.4.229", "lessThan": "5.4.232", "versionType": "semver"}, {"status": "affected", "version": "5.10.163", "lessThan": "5.10.168", "versionType": "semver"}, {"status": "affected", "version": "5.15.86", "lessThan": "5.15.93", "versionType": "semver"}, {"status": "affected", "version": "6.1.2", "lessThan": "6.1.11", "versionType": "semver"}], "programFiles": ["net/openvswitch/datapath.c"], "defaultStatus": "unaffected"}], "references": [{"url": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee"}, {"url": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386"}, {"url": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb"}, {"url": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d"}, {"url": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf"}, {"url": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b"}, {"url": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\n\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\n\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\n comm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline]\n [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671\n [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.306", "versionStartIncluding": "4.14.303"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.273", "versionStartIncluding": "4.19.270"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.232", "versionStartIncluding": "5.4.229"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.168", "versionStartIncluding": "5.10.163"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.93", "versionStartIncluding": "5.15.86"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.11", "versionStartIncluding": "6.1.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "4.9.337"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "6.0.16"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:49:58.492Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52977", "state": "PUBLISHED", "dateUpdated": "2025-10-01T17:21:59.721Z", "dateReserved": "2025-03-27T16:40:15.738Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-03-27T16:43:17.234Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C8C5100-ECF6-4F64-9489-EFC7923A7591", "versionEndExcluding": "4.10", "versionStartIncluding": "4.9.337", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FD566E7-A4C9-4B80-8066-8813E4F64980", "versionEndExcluding": "4.14.306", "versionStartIncluding": "4.14.303", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B5F7481-6295-443C-8297-AAA7400EAF0C", "versionEndExcluding": "4.19.273", "versionStartIncluding": "4.19.270", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8FD5F9C-EDEC-495D-9CA3-4D3154063522", "versionEndExcluding": "5.4.232", "versionStartIncluding": "5.4.229", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C254C95-139A-4910-972B-2E64E3030DB5", "versionEndExcluding": "5.10.168", "versionStartIncluding": "5.10.163", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21081389-6ED8-4898-80ED-81EF6A2B1FEC", "versionEndExcluding": "5.15.93", "versionStartIncluding": "5.15.86", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C7522E3-150F-436D-BBD7-96C7B4B795ED", "versionEndExcluding": "6.1", "versionStartIncluding": "6.0.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AACE63B-510D-430C-ACD9-34922D790040", "versionEndExcluding": "6.1.11", "versionStartIncluding": "6.1.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\n\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\n\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\n comm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline]\n [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671\n [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: openvswitch: corrige p\u00e9rdida de memoria de flujo en ovs_flow_cmd_new Syzkaller informa una p\u00e9rdida de memoria de new_flow en ovs_flow_cmd_new() ya que no se libera cuando falla la asignaci\u00f3n de una clave. ERROR: Fuga de memoria, objeto no referenciado 0xffff888116668000 (tama\u00f1o 632): comunicaci\u00f3n \"syz-executor231\", pid 1090, jiffies 4294844701 (edad 18.871 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ seguimiento inverso: [<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [en l\u00ednea] [<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77 [<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957 [<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739 [<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [en l\u00ednea] [<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800 [<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515 [<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [en l\u00ednea] [<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339 [<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934 [<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [en l\u00ednea] [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671 [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356 [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410 [<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439 [<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 [<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6 Para solucionar esto, el parche reorganiza las etiquetas goto para reflejar el orden de asignaci\u00f3n de objetos y a\u00f1ade instrucciones goto adecuadas en las rutas de error. Encontrado por el Centro de Verificaci\u00f3n de Linux (linuxtesting.org) con Syzkaller."}], "id": "CVE-2023-52977", "lastModified": "2025-10-01T18:15:34.343", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-03-27T17:15:44.793", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7077", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-513.5.1.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-11-14T00:00:00Z"}, {"advisory": "RHSA-2023:6583", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-362.8.1.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}, {"advisory": "RHSA-2023:6583", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-362.8.1.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}], "bugzilla": {"description": "kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new", "id": "2355538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355538"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "status": "verified"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: openvswitch: fix flow memory leak in ovs_flow_cmd_new\nSyzkaller reports a memory leak of new_flow in ovs_flow_cmd_new() as it is\nnot freed when an allocation of a key fails.\nBUG: memory leak\nunreferenced object 0xffff888116668000 (size 632):\ncomm \"syz-executor231\", pid 1090, jiffies 4294844701 (age 18.871s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000defa3494>] kmem_cache_zalloc include/linux/slab.h:654 [inline]\n[<00000000defa3494>] ovs_flow_alloc+0x19/0x180 net/openvswitch/flow_table.c:77\n[<00000000c67d8873>] ovs_flow_cmd_new+0x1de/0xd40 net/openvswitch/datapath.c:957\n[<0000000010a539a8>] genl_family_rcv_msg_doit+0x22d/0x330 net/netlink/genetlink.c:739\n[<00000000dff3302d>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[<00000000dff3302d>] genl_rcv_msg+0x328/0x590 net/netlink/genetlink.c:800\n[<000000000286dd87>] netlink_rcv_skb+0x153/0x430 net/netlink/af_netlink.c:2515\n[<0000000061fed410>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[<000000009dc0f111>] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n[<000000009dc0f111>] netlink_unicast+0x545/0x7f0 net/netlink/af_netlink.c:1339\n[<000000004a5ee816>] netlink_sendmsg+0x8e7/0xde0 net/netlink/af_netlink.c:1934\n[<00000000482b476f>] sock_sendmsg_nosec net/socket.c:651 [inline]\n[<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671\n[<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356\n[<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410\n[<0000000083ba9120>] __sys_sendmsg+0xe5/0x1b0 net/socket.c:2439\n[<00000000c00628f8>] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n[<000000004abfdcf4>] entry_SYSCALL_64_after_hwframe+0x61/0xc6\nTo fix this the patch rearranges the goto labels to reflect the order of\nobject allocations and adds appropriate goto statements on the error\npaths.\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."], "name": "CVE-2023-52977", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-03-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52977\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52977\nhttps://lore.kernel.org/linux-cve-announce/2025032704-CVE-2023-52977-f91d@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object