[SRU][J/L/M][PATCH 0/1] CVE-2023-6622
Yuxuan Luo
yuxuan.luo at canonical.com
Thu Jan 4 23:37:51 UTC 2024
[Impact]
A null pointer dereference vulnerability was found in nft_dynset_init() in
net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may
allow a local attacker with CAP_NET_ADMIN user privilege to trigger a
denial of service.
[Backport]
Clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Expect minimal regression potential.
Pablo Neira Ayuso (1):
netfilter: nf_tables: bail out on mismatching dynset and set
expressions
net/netfilter/nft_dynset.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list