[SRU][M/J 0/1, F 0/2] CVE-2024-26581

Bethany Jamison bethany.jamison at canonical.com
Fri Mar 15 20:34:51 UTC 2024


[Impact]

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_rbtree: skip end interval element from gc

rbtree lazy gc on insert might collect an end interval element that has
been just added in this transaction, skip end interval elements that are
not yet active.

[Fix]

Mantic: Clean cherry-pick.
Jammy: Mantic patch applied cleanly.
Focal: Fix and prereq commits cherry-picked cleanly.

[Test Case]

Compile and boot tested.

[Where problems could occur]

This affects many users as netfilter is widely used, but the risk of
regression is low as the fix is simple.

Pablo Neira Ayuso (1):
  netfilter: nft_set_rbtree: skip end interval element from gc

 net/netfilter/nft_set_rbtree.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

-- 
2.34.1



