CHK NVD : CVE-2023-42753 - a67e12d3

[witchcraze]

[CVE Configuration Update Request] Update Suggestion - CVE-2023-42753 - Cvss3 : 7.8

https://www.linuxkernelcves.com/cves/CVE-2023-42753 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-42753.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-42753.json

- CVE-2023-42753
- Suggested Configuration
  - OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.14.0 up to (excluding) 4.14.326
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.19.0 up to (excluding) 4.19.295
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.10.0 up to (excluding) 5.10.195
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.15.0 up to (excluding) 5.15.132
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.4.0 up to (excluding) 5.4.257
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.1.0 up to (excluding) 6.1.53
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.4.0 up to (excluding) 6.4.16
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.5.0 up to (excluding) 6.5.3
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.6.0 up to (excluding) 6.6
- Reference
  - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.326
  - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.19.295
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.195
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.132
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.257
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.53
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.4.16
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5.3
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.6
- Reference (Commit)
  - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
    - Fixed by
      - 4.14.326 (7935b636dd693dfe4483cfef4a1e91366c8103fa)
      - 4.19.295 (e632d09dffc68b9602d6893a99bfe3001d36cefc)
      - 5.10.195 (83091f8ac03f118086596f17c9a52d31d6ca94b3)
      - 5.15.132 (a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14)
      - 5.4.257 (109e830585e89a03d554bf8ad0e668630d0a6260)
      - 6.1.53 (7ca0706c68adadf86a36b60dca090f5e9481e808)
      - 6.4.16 (d59b6fc405549f7caf31f6aa5da1d6bef746b166)
      - 6.5.3 (d95c8420efe684b964e3aa28108e9a354bcd7225)
      - 6.6 (050d91c03b28ca479df13dfb02bcd2c60dd6a878) (upstream)
    - Will be introduced by
      - 4.14.84 (0d5d0b5c41f7)
      - 4.19.5 (cb3e590df429)
      - 4.20 (886503f34d63)
      - 4.4.165 (186642845b02)
      - 4.9.141 (919560afc21f)
- I Checked
  - XXXXXXXXXXXXXXXXXXXXXXXXXXXX is written as upstream commit in each ChangeLog
  - From XXXXXXXX commit page, XXXXXXXXXXX is the most oldest in commit-branches area
  - For 3.16.35, there is related post at lkml
  - For 3.16 series, 3.16.35 is the next release from 3.16.7 which was released at 2014
  - https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/
  - XXXX

https://nvd.nist.gov/vuln/detail/CVE-2023-42753	URI	Start(Ex)	Start(Inc)	End(Ex)	End(Inc)
cpe:/o:redhat:enterprise_linux:9.0
cpe:/o:redhat:enterprise_linux:8.0
cpe:/o:redhat:enterprise_linux:7.0
cpe:/o:linux:linux_kernel	6.6
cpe:/o:debian:debian_linux:10.0

[witchcraze]

- CVE-2023-42753
- Suggested Configuration
  - OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.4.165 up to (excluding) 4.5
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.9.141 up to (excluding) 4.10
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.14.84 up to (excluding) 4.15
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.19.5 up to (excluding) 4.19.295
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.257
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.195
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.132
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.53
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.4.16
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.5 up to (excluding) 6.5.3
- Reference
  - https://ubuntu.com/security/CVE-2023-42753
  - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.326
  - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.19.295
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.257
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.195
  - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.132
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.53
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.4.16
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5.3
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.6
  - Introduce
    - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.4.165
    - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.9.141
    - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.84
    - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.19.5
    - https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.20
- Reference (Commit)
  - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c
    - Fixed by
      - 4.14.326 (7935b636dd693dfe4483cfef4a1e91366c8103fa)
      - 4.19.295 (e632d09dffc68b9602d6893a99bfe3001d36cefc)
      - 5.4.257 (109e830585e89a03d554bf8ad0e668630d0a6260)
      - 5.10.195 (83091f8ac03f118086596f17c9a52d31d6ca94b3)
      - 5.15.132 (a9e6142e5f8f6ac7d1bca45c1b2b13b084ea9e14)
      - 6.1.53 (7ca0706c68adadf86a36b60dca090f5e9481e808)
      - 6.4.16 (d59b6fc405549f7caf31f6aa5da1d6bef746b166)
      - 6.5.3 (d95c8420efe684b964e3aa28108e9a354bcd7225)
      - 6.6 (050d91c03b28ca479df13dfb02bcd2c60dd6a878) (upstream)
    - Will be introduced by
      - 4.4.165 (186642845b02)
      - 4.9.141 (919560afc21f)
      - 4.14.84 (0d5d0b5c41f7)
      - 4.19.5 (cb3e590df429)
      - 4.20 (886503f34d63)
- I Checked
  - From ubuntu page
    - Introduced by 886503f34d63e681662057448819edb5b1057a97 Fixed by 050d91c03b28ca479df13dfb02bcd2c60dd6a878
  - 050d91c03b28ca479df13dfb02bcd2c60dd6a878 is written as upstream commit in each ChangeLog
  - 886503f34d63e681662057448819edb5b1057a97 is written in ChangeLog-4.20
  - 886503f34d63e681662057448819edb5b1057a97 is written as upstream commit in each ChangeLog (introduce)