ACK: [Jammy, OEM-5.17, OEM-6.0, OEM-6.1, Lunar 0/2] CVE-2023-3777 // CVE-2023-3995
Tim Gardner
tim.gardner at canonical.com
Thu Aug 3 18:42:01 UTC 2023
On 8/3/23 9:15 AM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The two vulnerabilities affect nftables and allow an unprivileged user to
> escalate privileges.
>
> [Backport]
> The 2 commits fix the same commit ID and apply cleanly of the affected series.
>
> [Potential regression]
> nftables users may regress.
>
> Pablo Neira Ayuso (2):
> netfilter: nf_tables: skip bound chain on rule flush
> netfilter: nf_tables: disallow rule addition to bound chain via
> NFTA_RULE_CHAIN_ID
>
> net/netfilter/nf_tables_api.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list