ACK: [SRU][J/L/M][PATCH 0/1] CVE-2023-6622
Manuel Diewald
manuel.diewald at canonical.com
Fri Jan 5 09:44:25 UTC 2024
On Thu, Jan 04, 2024 at 06:37:51PM -0500, Yuxuan Luo wrote:
> [Impact]
> A null pointer dereference vulnerability was found in nft_dynset_init() in
> net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may
> allow a local attacker with CAP_NET_ADMIN user privilege to trigger a
> denial of service.
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Expect minimal regression potential.
>
> Pablo Neira Ayuso (1):
> netfilter: nf_tables: bail out on mismatching dynset and set
> expressions
>
> net/netfilter/nft_dynset.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Manuel Diewald <manuel.diewald at canonical.com>
--
Manuel
More information about the kernel-team
mailing list