CVE-2023-53566

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: nft_set_rbtree: fix null deref on element insertion<br /> <br /> There is no guarantee that rb_prev() will not return NULL in nft_rbtree_gc_elem():<br /> <br /> general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN<br /> KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]<br /> nft_add_set_elem+0x14b0/0x2990<br /> nf_tables_newsetelem+0x528/0xb30<br /> <br /> Furthermore, there is a possible use-after-free while iterating,<br /> &amp;#39;node&amp;#39; can be free&amp;#39;d so we need to cache the next value to use.