ACK: [SRU Focal/linux-bluefield 0/1] CVE-2023-4004
Tim Gardner
tim.gardner at canonical.com
Mon Sep 25 12:54:27 UTC 2023
On 9/25/23 2:37 AM, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> Unprivileged users can exploit a use-after-free in the pipapo nftables
> set by using unprivileged user namespaces.
>
> [Backport]
> Though this does not affect 5.4 kernels in general, linux-bluefield has
> applied the commit that introduces the vulnerability.
>
> [Potential regression]
> nftables users may regress.
>
> Florian Westphal (1):
> netfilter: nft_set_pipapo: fix improper element removal
>
> net/netfilter/nft_set_pipapo.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list