In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction

New elements in this transaction might expire before such transaction ends. Skip sync GC for such elements, otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.

https://git.kernel.org/stable/c/2ee52ae94baabf7ee09cf2a8d854b990dac5d0e4
https://git.kernel.org/stable/c/e3213ff99a355cda811b41e8dbb3472d13167a3a
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2265187]
This was fixed for Fedora with the 6.7.5 stable kernel updates.
I apologize, this one is actually fixed with the 6.5.4 stable kernel updates, I had it confused with another.
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2023-52433 is: CHECK Maybe valid. Check manually. with impact MODERATE (that is approximation based on flags REMOTE SIMPLEFIX NETFILTER; these flags parsed automatically based on patch data). Such automatic check happens only for Low/Moderates (and only when not from reporter, but parsing already existing CVE). Highs always checked manually (I check it myself and then we check it again in Remediation team). In rare cases some of the Moderates could be increased to High later.