netfilter: allow exp not to be removed in nf_ct_find_expectation

...

SUSE-SU-2025:02850-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52927: netfilter: allow exp not to be removed in...

DEBIAN-CVE-2023-52927

In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nfctfindexpectation Currently nfconntrackin calling nfctfindexpectation will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the...

CVE-2023-52927

CVE-2023-52927 affects the Linux kernel netfilter feature: nf_conntrack_in() calling nf_ct_find_expectation() currently removes the exp from the hash table, which could occur before the created connection is confirmed. The patch introduces a mechanism to keep the exp when the tmpl’s status has IP...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfctfindexpectation function not removing exp, which could result in ct's being created that are not...