[SRU][J/F][PATCH v3 0/1] CVE-2024-27012
Hannah Peuckmann
hannah.peuckmann at canonical.com
Tue Aug 6 11:40:56 UTC 2024
[Impact]
The existing code in nf_tables has an issue where set elements are not properly restored when the delete set operation fails.
[Fix]
This patch ensures that all set elements are correctly handled during the delete operation, maintaining the integrity of nf_tables.
Noble: done
Jammy: applied, fixed context conflicts
Focal: applied, fixed context conflicts
Bionic: not affected
Xenial: not affected
Trusty: not affected
Focal and Jammy are missing the following commit:
0e1ea651c9717dd ("netfilter: nf_tables: shrink memory consumption of set elements")
This introduced context conflicts in nf_tables_api.c and, for Jammy, also in nft_set_pipapo.c, but
they aren't related to the fix and are relatively straightforward to resolve.
[Test Case]
Compiled and booted.
[Where problems could occur]
This fix affects those who use nf_tables in netfilter. An issue with this fix could result in unexpected behaviour
or inconsistencies in the netfilter tables.
Pablo Neira Ayuso (1):
netfilter: nf_tables: restore set elements when delete set fails
net/netfilter/nf_tables_api.c | 25 +++++++++++++++++++++++++
net/netfilter/nft_set_bitmap.c | 4 +---
net/netfilter/nft_set_hash.c | 8 ++------
net/netfilter/nft_set_rbtree.c | 4 +---
4 files changed, 29 insertions(+), 12 deletions(-)
--
2.43.0