[Jammy, OEM-5.17, OEM-6.0, OEM-6.1, Lunar 0/2] CVE-2023-3777 // CVE-2023-3995
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Aug 3 15:15:22 UTC 2023
[Impact]
The two vulnerabilities affect nftables and allow an unprivileged user to
escalate privileges.
[Backport]
The 2 commits fix the same commit ID and apply cleanly of the affected series.
[Potential regression]
nftables users may regress.
Pablo Neira Ayuso (2):
netfilter: nf_tables: skip bound chain on rule flush
netfilter: nf_tables: disallow rule addition to bound chain via
NFTA_RULE_CHAIN_ID
net/netfilter/nf_tables_api.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list