DEBIAN-CVE-2023-53619
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free If nf_conntrack_init_start() fails (for example due to a register_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini() clean-up path frees the nf_ct_helper_hash map. When built with NF_CONNTRACK=y, further netfilter modules (e.g: netfilter_conntrack_ftp) can still be loaded and call nf_conntrack_helpers_register(), independently of whether nf_conntrack initialized correctly. This accesses the nf_ct_helper_hash dangling pointer and causes a uaf, possibly leading to random memory corruption. This patch guards nf_conntrack_helper_register() from accessing a freed or uninitialized nf_ct_helper_hash pointer and fixes possible uses-after-free when loading a conntrack module.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 0, 0 |
| Debian:11 | linux | 5.10.92-2, 5.10.120-1, 5.10.120-1~bpo10+1 |
| Debian:12 | linux | 6.1.27-1, 6.1.38-1, 6.1.38-2 |
| Debian:13 | linux | 0, 0, 0 |
Timeline
- Oct 7, 2025 CVE Published
- Apr 28, 2026 CVE Updated