ACK: [SRU Focal/linux-bluefield 0/1] CVE-2023-4004
Bartlomiej Zolnierkiewicz
bartlomiej.zolnierkiewicz at canonical.com
Mon Sep 25 10:43:17 UTC 2023
Acked-by: Bartlomiej Zolnierkiewicz <bartlomiej.zolnierkiewicz at canonical.com>
On Mon, Sep 25, 2023 at 10:38 AM Thadeu Lima de Souza Cascardo
<cascardo at canonical.com> wrote:
>
> [Impact]
> Unprivileged users can exploit a use-after-free in the pipapo nftables
> set by using unprivileged user namespaces.
>
> [Backport]
> Though this does not affect 5.4 kernels in general, linux-bluefield has
> applied the commit that introduces the vulnerability.
>
> [Potential regression]
> nftables users may regress.
>
> Florian Westphal (1):
> netfilter: nft_set_pipapo: fix improper element removal
>
> net/netfilter/nft_set_pipapo.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
More information about the kernel-team
mailing list