APPLIED[L/J]: [Jammy, OEM-5.17, OEM-6.0, OEM-6.1, Lunar 0/2] CVE-2023-3777 // CVE-2023-3995

Stefan Bader stefan.bader at canonical.com
Fri Aug 4 09:01:05 UTC 2023 

On 03.08.23 17:15, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> The two vulnerabilities affect nftables and allow an unprivileged user to
> escalate privileges.
> 
> [Backport]
> The 2 commits fix the same commit ID and apply cleanly of the affected series.
> 
> [Potential regression]
> nftables users may regress.
> 
> Pablo Neira Ayuso (2):
>    netfilter: nf_tables: skip bound chain on rule flush
>    netfilter: nf_tables: disallow rule addition to bound chain via
>      NFTA_RULE_CHAIN_ID
> 
>   net/netfilter/nf_tables_api.c | 7 +++++--
>   1 file changed, 5 insertions(+), 2 deletions(-)
> 

Applied to lunar,jammy:linux/master-next. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230804/dfe9ae3b/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230804/dfe9ae3b/attachment-0001.sig>

More information about the kernel-team mailing list