ACK: [Jammy, OEM-5.17, OEM-6.0, OEM-6.1, Lunar 0/2] CVE-2023-3777 // CVE-2023-3995
Stefan Bader
stefan.bader at canonical.com
Fri Aug 4 07:36:13 UTC 2023
On 03.08.23 17:15, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The two vulnerabilities affect nftables and allow an unprivileged user to
> escalate privileges.
>
> [Backport]
> The 2 commits fix the same commit ID and apply cleanly of the affected series.
>
> [Potential regression]
> nftables users may regress.
>
> Pablo Neira Ayuso (2):
> netfilter: nf_tables: skip bound chain on rule flush
> netfilter: nf_tables: disallow rule addition to bound chain via
> NFTA_RULE_CHAIN_ID
>
> net/netfilter/nf_tables_api.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230804/61efa006/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230804/61efa006/attachment-0001.sig>
More information about the kernel-team
mailing list