APPLIED: [SRU][J/L/M][PATCH 0/1] CVE-2023-6622
Roxana Nicolescu
roxana.nicolescu at canonical.com
Fri Jan 5 10:55:10 UTC 2024
On 05/01/2024 00:37, Yuxuan Luo wrote:
> [Impact]
> A null pointer dereference vulnerability was found in nft_dynset_init() in
> net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may
> allow a local attacker with CAP_NET_ADMIN user privilege to trigger a
> denial of service.
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Compile and boot tested.
>
> [Potential Regression]
> Expect minimal regression potential.
>
> Pablo Neira Ayuso (1):
>   netfilter: nf_tables: bail out on mismatching dynset and set
>     expressions
>
>  net/netfilter/nft_dynset.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
>
Applied to mantic, lunar, jammy master-next branches. Thanks!