[Lunar, OEM-6.1, OEM-6.0, Kinetic, OEM-5.17, Jammy, Focal 0/1] CVE-2023-32233

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Wed May 10 19:27:38 UTC 2023


[Impact]
On systems where user namespaces can be created by unprivileged users,
which is the default configuration on Ubuntu, unprivileged users can
trigger a use-after-free vulnerability in netfilter. This could be used to
crash the system or elevate privileges.

[Test case]
A PoC that crashes the system was tested and the fix has been shown to
prevent it.

[Backport]
The fix applies cleanly all the way back to 5.4 kernels. A backport to 4.15
is in the works.

[Potential impact]
netfilter users may find regressions when manipulating nftables.

Pablo Neira Ayuso (1):
  netfilter: nf_tables: deactivate anonymous set from preparation phase

 include/net/netfilter/nf_tables.h |  1 +
 net/netfilter/nf_tables_api.c     | 12 ++++++++++++
 net/netfilter/nft_dynset.c        |  2 +-
 net/netfilter/nft_lookup.c        |  2 +-
 net/netfilter/nft_objref.c        |  2 +-
 5 files changed, 16 insertions(+), 3 deletions(-)

-- 
2.34.1
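
The [Impact] section above ties exposure to unprivileged users being able to create user namespaces. The following is an added example, not part of the original message or of the kernel patch: a shell check for that precondition. It assumes the upstream user.max_user_namespaces sysctl and the Debian/Ubuntu-specific kernel.unprivileged_userns_clone sysctl; the function names and the optional root-prefix argument are hypothetical, and other restrictions (LSM policy, seccomp) are not considered.

```shell
#!/bin/sh
# Added example: report whether unprivileged users can create user
# namespaces, the precondition named in [Impact]. Sysctl files are read
# under an optional root prefix so the logic can be run against a
# constructed directory tree as well as the live /proc.

# read_sysctl ROOT NAME: print the value with whitespace stripped,
# or print nothing if the file is absent or unreadable.
read_sysctl() {
    f="$1/proc/sys/$2"
    [ -r "$f" ] && tr -d '[:space:]' < "$f"
    return 0
}

# userns_status [ROOT]: print "allowed", "restricted" or "unknown".
userns_status() {
    root="${1:-}"
    max=$(read_sysctl "$root" user/max_user_namespaces)
    clone=$(read_sysctl "$root" kernel/unprivileged_userns_clone)

    # No user.max_user_namespaces entry: user namespaces are not built
    # in, the kernel predates the sysctl, or /proc is not mounted here.
    if [ -z "$max" ]; then
        echo unknown
        return 0
    fi
    # A limit of 0 prevents creation of user namespaces.
    if [ "$max" = 0 ]; then
        echo restricted
        return 0
    fi
    # Debian/Ubuntu knob: 0 blocks unprivileged creation only.
    # It is absent on kernels without that patch, hence the empty case.
    if [ "$clone" = 0 ]; then
        echo restricted
        return 0
    fi
    echo allowed
}

# Stand-alone use: check the running system, or the tree given as $1.
userns_status "${1:-}"
```

A result of "allowed" means the precondition from [Impact] holds on that host, so the fixed kernel should be prioritised there.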



