{"id":"CVE-2023-53032","summary":"netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.\n\nWhen first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of\nan arithmetic expression 2 \u003c\u003c (netmask - mask_bits - 1) is subject\nto overflow due to a failure casting operands to a larger data type\nbefore performing the arithmetic.\n\nNote that it's harmless since the value will be checked at the next step.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.","modified":"2026-04-02T09:43:35.042615Z","published":"2025-03-27T16:44:00.286Z","related":["SUSE-SU-2025:01600-1","SUSE-SU-2025:02312-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53032.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/4e6a70fd840400e3a2e784a6673968a3eb2431c0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/511cf17b2447fc41cfef8d71936e1fa53e395c1e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9ea4b476cea1b7d461d16dda25ca3c7e616e2d15"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dfd834ccc1b88bbbab81b9046a3a539dd0c2d14f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e137d9bb26bd85ce07323a38e38ceb0b160db841"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e88865876d47c790be0d5e23973499d75d034364"},{"type":"WEB","url":"https://git.kernel.org/stable/c/feefb33eefa166fc3e0fd17547b0bc0cb3baced9"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53032.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53032"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b9fed748185a96b7cfe74afac4bd228e8af16f01"},{"fixed":"e137d9bb26bd85ce07323a38e38ceb0b160db841"},{"fixed":"dfd834ccc1b88bbbab81b9046a3a539dd0c2d14f"},{"fixed":"feefb33eefa166fc3e0fd17547b0bc0cb3baced9"},{"fixed":"4e6a70fd840400e3a2e784a6673968a3eb2431c0"},{"fixed":"511cf17b2447fc41cfef8d71936e1fa53e395c1e"},{"fixed":"e88865876d47c790be0d5e23973499d75d034364"},{"fixed":"9ea4b476cea1b7d461d16dda25ca3c7e616e2d15"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53032.json"}}],"schema_version":"1.7.5"}