{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53619","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-07T15:16:59.655Z","datePublished":"2025-10-07T15:19:26.003Z","dateUpdated":"2026-05-11T19:48:39.624Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:48:39.624Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: Avoid nf_ct_helper_hash uses after free\n\nIf nf_conntrack_init_start() fails (for example due to a\nregister_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini()\nclean-up path frees the nf_ct_helper_hash map.\n\nWhen built with NF_CONNTRACK=y, further netfilter modules (e.g:\nnetfilter_conntrack_ftp) can still be loaded and call\nnf_conntrack_helpers_register(), independently of whether nf_conntrack\ninitialized correctly. This accesses the nf_ct_helper_hash dangling\npointer and causes a uaf, possibly leading to random memory corruption.\n\nThis patch guards nf_conntrack_helper_register() from accessing a freed\nor uninitialized nf_ct_helper_hash pointer and fixes possible\nuses-after-free when loading a conntrack module."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/netfilter/nf_conntrack_helper.c"],"versions":[{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"4ee69c91cb8f9ca144bc0861969e5a1a3c6152a7","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"00716f25f9697d02a0d9bd622575c7c7321ba3d0","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"61c7a5256543ae7d24cd9d21853d514c8632e1e9","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"8289d422f5e484efe4a565fe18e862ecd621c175","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"6f03ce2f1abcb9f9d0511e3659ca6eb60e39f566","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"05561f822f27b9fa88fa5504ddec34bf38833034","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"fce5cc7cbd4b92f979bf02c9ec5fb69aaeba92d7","status":"affected","versionType":"git"},{"version":"12f7a505331e6b2754684b509f2ac8f0011ce644","lessThan":"6eef7a2b933885a17679eb8ed0796ddf0ee5309b","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/netfilter/nf_conntrack_helper.c"],"versions":[{"version":"3.6","status":"affected"},{"version":"0","lessThan":"3.6","status":"unaffected","versionType":"semver"},{"version":"4.14.322","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.291","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.251","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.188","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.121","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.39","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.4.4","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"4.14.322"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"4.19.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"5.4.251"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"5.10.188"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"5.15.121"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"6.1.39"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"6.4.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"6.5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4ee69c91cb8f9ca144bc0861969e5a1a3c6152a7"},{"url":"https://git.kernel.org/stable/c/00716f25f9697d02a0d9bd622575c7c7321ba3d0"},{"url":"https://git.kernel.org/stable/c/61c7a5256543ae7d24cd9d21853d514c8632e1e9"},{"url":"https://git.kernel.org/stable/c/8289d422f5e484efe4a565fe18e862ecd621c175"},{"url":"https://git.kernel.org/stable/c/6f03ce2f1abcb9f9d0511e3659ca6eb60e39f566"},{"url":"https://git.kernel.org/stable/c/05561f822f27b9fa88fa5504ddec34bf38833034"},{"url":"https://git.kernel.org/stable/c/fce5cc7cbd4b92f979bf02c9ec5fb69aaeba92d7"},{"url":"https://git.kernel.org/stable/c/6eef7a2b933885a17679eb8ed0796ddf0ee5309b"}],"title":"netfilter: conntrack: Avoid nf_ct_helper_hash uses after free","x_generator":{"engine":"bippy-1.2.0"}}}}