ACK: [SRU Bionic/Focal 0/1] CVE-2022-34918
Stefan Bader
stefan.bader at canonical.com
Mon Jul 18 08:57:02 UTC 2022
On 14.07.22 23:28, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An out-of-bounds write when adding a new element to a set on the netfilter
> subsystem in Linux may allow for privilege escalation.
>
> [Test case]
> A reproducer that crashes the system was tested and stopped working with the fix.
>
> [Fix]
> Backport simply applied the same logic to a different place in the code as it was
> moved to its own function on later versions.
>
> [Potential regression]
> nftables/netfilter users would be affected.
>
> Pablo Neira Ayuso (1):
> netfilter: nf_tables: stricter validation of element data
>
> net/netfilter/nf_tables_api.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220718/b463f660/attachment.sig>
More information about the kernel-team
mailing list