[Jammy,OEM-5.17,OEM-6.0,OEM-6.1,Lunar 0/3] CVE-2023-4015
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Aug 3 18:30:59 UTC 2023
[Impact]
Unprivileged users may use nftables to cause a use-after-free, potentially
leading to privilege escalation.
[Backport]
This requires CVE-2023-3610 mitigations to be applied on 5.15 and later.
It also requires CVE-2023-3390 mitigations to be applied on OEM-5.17 and
OEM-6.0.
A pre-requisite commit was necessary and a follow-up for it were also
applied.
CVE-2023-3610 fix, pre-req and follow-up were already applied on oem-6.1,
thus skipped there.
[Potential regression]
nftables users may find regressions.
Pablo Neira Ayuso (3):
netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound
set/chain
netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR
netfilter: nf_tables: unbind non-anonymous set if rule construction
fails
include/net/netfilter/nf_tables.h | 2 ++
net/netfilter/nf_tables_api.c | 47 ++++++++++++++++++++++++++-----
net/netfilter/nft_immediate.c | 28 ++++++++++++------
3 files changed, 62 insertions(+), 15 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list