CVE-2023-54200 netfilter: nf_tables: always release netdev hooks from notifier

🗓️ 30 Dec 2025 12:09:05Reported by LinuxType

CVE-2023-54200 fixes nf_tables netdev hooks to avoid use after free on peer netns release.

Reporter	Title	Published	Views	Family All 23
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-228)	28 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2023-021 (ALASKERNEL-5.15-2023-021)	29 Jun 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-54200	31 Dec 202500:00	–	nessus
Amazon	Important: kernel	27 Jun 202300:00	–	amazon
Amazon	Important: kernel	28 Jun 202300:00	–	amazon
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux-5.15	20 May 202605:53	–	astralinux
CNNVD	Linux kernel 安全漏洞	30 Dec 202500:00	–	cnnvd
CVE	CVE-2023-54200	30 Dec 202512:09	–	cve
Debian CVE	CVE-2023-54200	30 Dec 202512:09	–	debiancve
EUVD	EUVD-2023-60441	30 Dec 202515:30	–	euvd

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/netfilter/nft_chain_filter.c"
    ],
    "versions": [
      {
        "version": "68a3765c659f809dcaac20030853a054646eb739",
        "lessThan": "8d56f00c61f67b450fbbdcb874855e60ad92c560",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "68a3765c659f809dcaac20030853a054646eb739",
        "lessThan": "30e4b13b1bfbdf3bf3b27036d8209ea1b9f0d880",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "68a3765c659f809dcaac20030853a054646eb739",
        "lessThan": "94032527efbac13be702c76afb9d872c0cca7a43",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "68a3765c659f809dcaac20030853a054646eb739",
        "lessThan": "dc1c9fd4a8bbe1e06add9053010b652449bfe411",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "90c7c58aa2bd02c65a4c63b7dfe0b16eab12cf9f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5.14.15",
        "lessThan": "5.15",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/netfilter/nft_chain_filter.c"
    ],
    "versions": [
      {
        "version": "5.15",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.15",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.113",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.30",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.3.4",
        "lessThanOrEqual": "6.3.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.4",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/8d56f00c61f67b450fbbdcb874855e60ad92c560
git	www.git.kernel.org/stable/c/94032527efbac13be702c76afb9d872c0cca7a43
git	www.git.kernel.org/stable/c/30e4b13b1bfbdf3bf3b27036d8209ea1b9f0d880
git	www.git.kernel.org/stable/c/dc1c9fd4a8bbe1e06add9053010b652449bfe411

23 May 2026 15:34Current

EPSS0.00168