[SRU][Jammy/Jammy-OEM-6.0/Jammy-OEM-6.1/Lunar][PATCH 0/1] CVE-2023-4569

Yuxuan Luo yuxuan.luo at canonical.com
Wed Aug 30 19:45:38 UTC 2023


[Impact]
A memory leak flaw was found in nft_set_catchall_flush in
net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow
a local attacker to cause double-deactivations of catchall elements,
which results in a memory leak.

[Backport]
It is a clean cherry pick.

[Test]
Compile and boot tested.

Florian Westphal (1):
  netfilter: nf_tables: deactivate catchall elements in next generation

 net/netfilter/nf_tables_api.c | 1 +
 1 file changed, 1 insertion(+)

-- 
2.34.1



