{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "5f9ae3d9e7e4ad6db0491abc7c4ae5452dbeadd8"
            },
            {
              "fixed": "8f0eb24f1a7a60ce635f0d757a46f1a37a4d467d"
            },
            {
              "fixed": "7f9828fb1f688210e681268490576f0ca65c322a"
            },
            {
              "fixed": "ca3cf947760de050d558293002ad3e7f4b8745d2"
            },
            {
              "fixed": "f9753ebd61be2d957b5504cbd3fd719674f05b7a"
            },
            {
              "fixed": "5e9398a26a92fc402d82ce1f97cc67d832527da0"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52996.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: prevent potential spectre v1 gadget in fib_metrics_match()\n\nif (!type)\n        continue;\n    if (type \u003e RTAX_MAX)\n        return false;\n    ...\n    fi_val = fi-\u003efib_metrics-\u003emetrics[type - 1];\n\n@type being used as an array index, we need to prevent\ncpu speculation or risk leaking kernel memory content.",
  "id": "CVE-2023-52996",
  "modified": "2026-04-01T23:08:16.703172283Z",
  "published": "2025-03-27T16:43:30.547Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5e9398a26a92fc402d82ce1f97cc67d832527da0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7f9828fb1f688210e681268490576f0ca65c322a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8f0eb24f1a7a60ce635f0d757a46f1a37a4d467d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ca3cf947760de050d558293002ad3e7f4b8745d2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f9753ebd61be2d957b5504cbd3fd719674f05b7a"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52996.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52996"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "summary": "ipv4: prevent potential spectre v1 gadget in fib_metrics_match()"
}