[SRU][Focal/Jammy/Lunar][PATCH 0/1] CVE-2023-4881

Yuxuan Luo yuxuan.luo at canonical.com
Mon Sep 18 21:31:33 UTC 2023


[Impact]
A stack-based out-of-bounds write flaw was found in the netfilter
subsystem in the Linux kernel. If the expression length is a multiple of
4 (register size), the `nft_exthdr_eval` family of functions writes 4
NULL bytes past the end of the `regs` argument, leading to stack
corruption and potential information disclosure or a denial of service.

[Backport]
The fix commit fixes four occurrences introduced by different break
commits. Since not all break commits are present in the Focal tree, some
hunks are ignored and the rest are backported.
For Jammy and Lunar, it is a clean cherry pick.

[Test]
Only a boot test has been performed so far; more comprehensive tests will
come in a few days.

[Potential Regression]
The regression should be limited to the modified file.

Florian Westphal (1):
  netfilter: nftables: exthdr: fix 4-byte stack OOB write

 net/netfilter/nft_exthdr.c | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

-- 
2.34.1
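
The condition described under [Impact], as an added example that is not part of the original mail and is not the kernel's code: a user-space model of zero-padding the last 32-bit register of a `len`-byte value, with the unconditional form beside a guarded one. All function names, `MODEL_WORDS` and `CANARY` are hypothetical, and the stray write lands in a larger buffer the model owns.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NFT_REG32_SIZE 4u          /* register size in bytes, as stated above */
#define MODEL_WORDS    8u          /* constructed backing store, larger than any span used */
#define CANARY         0xAAAAAAAAu /* constructed marker for words nobody should touch */

/* Modelled unguarded pattern: always zero the word at index len / 4. */
static void pad_unconditional(uint32_t *dest, unsigned int len)
{
    dest[len / NFT_REG32_SIZE] = 0;
}

/* Modelled guarded pattern: zero only when a partial trailing register exists. */
static void pad_if_partial(uint32_t *dest, unsigned int len)
{
    if (len % NFT_REG32_SIZE)
        dest[len / NFT_REG32_SIZE] = 0;
}

/* Returns 1 if the word just past the len-byte register span was
 * overwritten, 0 if it is intact, -1 if len does not fit the model. */
int word_past_span_clobbered(unsigned int len, int guarded)
{
    uint32_t buf[MODEL_WORDS];
    unsigned int span = (len + NFT_REG32_SIZE - 1) / NFT_REG32_SIZE;

    if (span >= MODEL_WORDS)
        return -1;
    memset(buf, 0xAA, sizeof(buf));
    if (guarded)
        pad_if_partial(buf, len);
    else
        pad_unconditional(buf, len);
    memset(buf, 0x11, len);        /* stands in for copying len bytes of data */
    return buf[span] != CANARY;
}

int main(void)
{
    for (unsigned int len = 1; len <= 16; len++)
        printf("len=%2u unguarded=%d guarded=%d\n", len,
               word_past_span_clobbered(len, 0),
               word_past_span_clobbered(len, 1));
    return 0;
}
```

Only lengths that are a multiple of 4 trip the unguarded form, because `len / 4` then indexes the first word after the span instead of its last, partially filled word.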



