[SRU Focal,Jammy,OEM-6.1,Lunar,Mantic 0/1] CVE-2023-42756
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Sep 28 22:58:51 UTC 2023
[Impact]
An unprivileged user may trigger a race condition in the netfilter ipset
subsystem, leading to a local denial of service.
[Test case]
A PoC was tested and reliably triggered a crash. After the fix, no crash
is observed anymore.
[Backport]
Only focal required a simple context fixup.
[Potential regression]
netfilter users using ipsets may find regressions.
Jozsef Kadlecsik (1):
netfilter: ipset: Fix race between IPSET_CMD_CREATE and IPSET_CMD_SWAP
net/netfilter/ipset/ip_set_core.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list