ACK: [SRU][Jammy/Jammy-OEM-6.0/Jammy-OEM-6.1/Lunar][PATCH 0/1] CVE-2023-4569
Cengiz Can
cengiz.can at canonical.com
Wed Aug 30 19:54:21 UTC 2023
On 30/08/2023 22:45, Yuxuan Luo wrote:
> [Impact]
> A memory leak flaw was found in nft_set_catchall_flush in
> net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow
> a local attacker to cause a double-deactivations of catchall elements,
> which results in a memory leak.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> Florian Westphal (1):
> netfilter: nf_tables: deactivate catchall elements in next generation
Acked-by: Cengiz Can <cengiz.can at canonical.com>
>
> net/netfilter/nf_tables_api.c | 1 +
> 1 file changed, 1 insertion(+)
>
More information about the kernel-team
mailing list