ACK: [SRU][Jammy/Jammy-OEM-6.0/Jammy-OEM-6.1/Lunar][PATCH 0/1] CVE-2023-4569
Tim Gardner
tim.gardner at canonical.com
Thu Aug 31 12:40:24 UTC 2023
On 8/30/23 1:45 PM, Yuxuan Luo wrote:
> [Impact]
> A memory leak flaw was found in nft_set_catchall_flush in
> net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow
> a local attacker to cause a double-deactivations of catchall elements,
> which results in a memory leak.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> Florian Westphal (1):
> netfilter: nf_tables: deactivate catchall elements in next generation
>
> net/netfilter/nf_tables_api.c | 1 +
> 1 file changed, 1 insertion(+)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list