EGI SVG Advisories


Title:   EGI SVG 'ADVISORY' [TLP:WHITE]  CRITICAL risk - RHEL 9 - Buffer overflow 
         vulnerability in Linux Kernel Netfilter.  [EGI-SVG-CVE-2023-0179]  

Date:        2023-03-13
Updated:     2023-04-21

Affected software and risk

CRITICAL Risk vulnerability concerning Linux Kernel Netfilter.

Package    : Linux Kernel
CVE ID     : CVE-2023-0179
CVSS Score : 7.8 [R 1] 

A buffer overflow vulnerability was found in the Netfilter subsystem of the 
Linux kernel. This issue could allow the leakage of both stack and heap 
addresses, and potentially allow local privilege escalation to the root 
user via arbitrary code execution.

For RHEL and derivatives, only 9 is affected. [R 1]

Actions required/recommended

Sites that have UIs, WNs or other hosts which may have unprivileged users 
(including inside containers) running on RHEL9 or derivatives must urgently 

All running resources MUST be either patched or have mitigation in place or 
software removed by 2023-03-21 00:00 UTC

Sites failing to act and/or failing to respond to requests from the EGI CSIRT 
team risk site suspension.
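The following check script is an added example for site administrators; it is 
not part of this advisory and not EGI SVG's code. It classifies a host as 
"patched", "mitigated" or "exposed" for the purpose of the deadline above. Two 
things in it are assumptions, not statements of the advisory: FIXED_KERNEL is a 
placeholder that must be replaced with the fixed kernel version from the vendor 
errata in [R 1] to [R 4], and the interim mitigation it looks for is the 
disabling of unprivileged user namespaces (user.max_user_namespaces = 0), 
because nf_tables requires CAP_NET_ADMIN, which an unprivileged local user can 
otherwise obtain inside a user namespace; confirm that against the vendor 
guidance before relying on it. The function names version_ge, 
userns_restricted and host_status are the example's own.

```shell
#!/bin/sh
# Added example, not part of the EGI SVG advisory: per-host classification of
# RHEL 9 / derivative hosts as patched, mitigated or exposed for CVE-2023-0179.
#
# Assumptions (not stated by the advisory):
#  - FIXED_KERNEL is a placeholder; take the real value from the vendor errata.
#  - The interim mitigation checked is restricting unprivileged user namespaces
#    (user.max_user_namespaces = 0), since nf_tables needs CAP_NET_ADMIN, which
#    an unprivileged user can otherwise obtain inside a user namespace.

FIXED_KERNEL="FIXED-KERNEL-VERSION-FROM-ERRATA"   # placeholder, e.g. 5.14.0-NNN.NN.N.el9

# version_ge A B: succeed (return 0) if version string A >= B.
# Both strings are split on every run of non-digits and compared numerically
# field by field; a missing field counts as 0. A trailing architecture suffix
# such as ".x86_64" on A therefore never makes A compare lower than B.
version_ge() {
    _a=$(printf '%s' "$1" | tr -c '0-9' ' ')
    _b=$(printf '%s' "$2" | tr -c '0-9' ' ')
    while :; do
        set -- $_a; _x=${1:-}; [ $# -gt 0 ] && shift; _a="$*"
        set -- $_b; _y=${1:-}; [ $# -gt 0 ] && shift; _b="$*"
        # Both exhausted without a differing field: A == B.
        [ -z "$_x" ] && [ -z "$_y" ] && return 0
        _x=${_x:-0}; _y=${_y:-0}
        [ "$_x" -gt "$_y" ] && return 0
        [ "$_x" -lt "$_y" ] && return 1
    done
}

# userns_restricted VALUE: succeed if VALUE (the contents of
# /proc/sys/user/max_user_namespaces) is 0, i.e. unprivileged user namespaces
# are disabled. A missing or non-numeric value counts as not restricted.
userns_restricted() {
    [ "${1:-}" -eq 0 ] 2>/dev/null
}

# host_status RUNNING FIXED USERNS_VALUE: print one of
#   unknown   - FIXED carries no digits, i.e. the placeholder was never replaced
#   patched   - running kernel already carries the fix
#   mitigated - not patched, but unprivileged user namespaces are disabled
#   exposed   - neither; the host must be patched or drained before the deadline
host_status() {
    case $2 in
        *[0-9]*) ;;
        *) echo unknown; return 2 ;;
    esac
    if version_ge "$1" "$2"; then
        echo patched
    elif userns_restricted "$3"; then
        echo mitigated
    else
        echo exposed
    fi
}

# Stand-alone use: "sh check-cve-2023-0179.sh --check" inspects the local host.
# Guarded so the functions can also be sourced on a machine without these files.
if [ "${1:-}" = "--check" ]; then
    running=$(uname -r)
    userns=$(cat /proc/sys/user/max_user_namespaces 2>/dev/null || echo unknown)
    printf '%s kernel=%s max_user_namespaces=%s status=%s\n' \
        "$(uname -n)" "$running" "$userns" \
        "$(host_status "$running" "$FIXED_KERNEL" "$userns")"
fi
```

Run it with --check on each UI, WN or container host and collect the one-line 
output centrally; any host reporting "exposed" (or "unknown", which means the 
placeholder was never filled in) is still outstanding against the deadline. The 
version comparison is deliberately simple: it only orders numeric fields, so it 
should be fed the package version string exactly as the errata prints it.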

Component installation information

Sites running RHEL 9 should see [R 1]

Sites running CentOS Stream 9 should also see [R 1] and [R 2] 

Sites running RockyLinux 9 should see [R 3] 

Sites running Almalinux 9 should see [R 4] 

Sites running Debian should see [R 5]

Sites running Ubuntu should see [R 6]

More information

For detailed background information see [R 7] 


** WHITE information - Unlimited distribution
 - see for
   distribution restrictions **
Minor updates may be made without re-distribution to the sites


Comments or questions should be sent to svg-rat  at
If you find or become aware of another vulnerability which is relevant to EGI
you may report it by e-mail to

report-vulnerability at

the EGI Software Vulnerability Group will take a look according to the
procedure defined in [R 99]


[R 1]

[R 2] 

[R 3] 

[R 4] 

[R 5]

[R 6]

[R 7]

[R 99]


Yyyy-mm-dd  [EGI-SVG-2023-CVE-2023-0179] 

2023-03-08 SVG became aware of this issue
2023-03-09 Since RHEL9 is an option for sites, decided to issue an advisory. 
2023-03-10 Risk assessment complete. 
2023-03-13 Advisory Sent to sites


This advisory has been prepared as part of the effort to fulfil EGI SVG's
purpose "To minimize the risk to the EGI infrastructure arising from software
The risk is that assessed by the group, according to the EGI SVG issue handling
procedure [R 99] in the context of how the software is used in the EGI
infrastructure. It is the opinion of the group; we do not guarantee it to be
correct. The risk may also be higher or lower in other deployments depending on
how the software is used.

This advisory is subject to the Creative Commons licence 
and the EGI Software Vulnerability Group must be credited. 

On behalf of the EGI SVG,