APPLIED[F,J,L,M]: [SRU Focal,Jammy,OEM-6.1,Lunar,Mantic 0/1] CVE-2023-42756
Roxana Nicolescu
roxana.nicolescu at canonical.com
Mon Oct 2 08:06:40 UTC 2023
On 29/09/2023 00:58, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> An unprivileged user may trigger a race condition in the netfilter ipset
> subsystem, leading to a local denial of service.
>
> [Test case]
> A PoC was tested and reliably triggered a crash. After the fix, no crash
> is observed anymore.
>
> [Backport]
> Only focal required a simple context fixup.
>
> [Potential regression]
> netfilter users using ipsets may find regressions.
>
> Jozsef Kadlecsik (1):
> netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
>
> net/netfilter/ipset/ip_set_core.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
Applied to focal,jammy,lunar,mantic:master-next. Thanks!
Roxana
More information about the kernel-team
mailing list