APPLIED: [SRU][F/J][PATCH v2 0/1] CVE-2024-27397

Stefan Bader stefan.bader at canonical.com
Fri Sep 6 14:53:49 UTC 2024


On 02.09.24 16:37, Massimiliano Pellizzer wrote:
> [Impact]
> 
> Add a timestamp field at the beginning of the transaction, store it
> in the nftables per-netns area.
> 
> Update set backend .insert, .deactivate and sync gc path to use the
> timestamp; this avoids an element expiring while the control plane
> transaction is still unfinished.
> 
> .lookup and .update, which are used from the packet path, still use the
> current time to check if the element has expired. The .get path and dump
> do so as well, since these run lockless under the rcu read side lock. Then,
> there is async gc, which also needs to check the current time since it runs
> asynchronously from a workqueue.
> 
> [Fix]
> 
> Noble:  Fixed
> Jammy:  Cherry picked from linux-5.15.y
> Focal:  Backported from linux-5.4.y
> Bionic: Sent to ESM ML
> Xenial: Sent to ESM ML
> 
> [Test Case]
> 
> Compile and boot tested.
> 
> [Where problems could occur]
> 
> The fix for CVE-2024-27397 affects the netfilter subsystem.
> An issue with this fix may lead to kernel crashes, particularly during
> the application or modification of network filtering rules.
> Users may also notice unexpected network behavior.
> 
> [Changes between v1 and v2]
> Fixed a typo in the commit description.
> 
> Pablo Neira Ayuso (1):
>    netfilter: nf_tables: use timestamp to check for set element timeout
> 
>   include/net/netfilter/nf_tables.h | 21 +++++++++++++++++++--
>   net/netfilter/nf_tables_api.c     |  1 +
>   net/netfilter/nft_set_hash.c      |  8 +++++++-
>   net/netfilter/nft_set_rbtree.c    |  6 ++++--
>   4 files changed, 31 insertions(+), 5 deletions(-)
> 

Applied to jammy,focal:linux/master-next. Thanks.

-Stefan
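To make the mechanism in the quoted commit message concrete, here is an added userland model of the two clocks involved. It is not code from the patch or from the kernel: the clock (`mock_jiffies`, `get_jiffies_64()`), the `nft_net`/`nft_elem` structs and the helper names are stand-ins constructed for this example, chosen to mirror the structure described above (a timestamp taken once at transaction start and stored per netns, used by .insert/.deactivate/sync gc, while the packet path, .get, dump and async gc keep reading the current time). The scenario is constructed: an element expiring at t=100, a transaction that starts at t=90 and is still running at t=105.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t u64;

/* Constructed stand-in for the kernel clock (get_jiffies_64()). */
static u64 mock_jiffies;
static u64 get_jiffies_64(void) { return mock_jiffies; }

/* Same shape as the kernel's time_after_eq64(): true when a >= b on a wrapping clock. */
#define time_after_eq64(a, b) ((int64_t)((a) - (b)) >= 0)

/* Stand-in for the per-netns nftables area; the fix adds the transaction timestamp here. */
struct nft_net {
	u64 tstamp;
};

/* Stand-in for a set element carrying an expiration extension. */
struct nft_elem {
	u64 expiration;
};

/* Expiry check against a caller-chosen point in time. */
static bool elem_expired_at(const struct nft_elem *e, u64 tstamp)
{
	return time_after_eq64(tstamp, e->expiration);
}

/* Packet path (.lookup/.update), .get, dump and async gc: always the current time. */
static bool elem_expired_now(const struct nft_elem *e)
{
	return elem_expired_at(e, get_jiffies_64());
}

/* Start of a control-plane transaction: take the timestamp once for the whole batch. */
static void nft_transaction_begin(struct nft_net *nn)
{
	nn->tstamp = get_jiffies_64();
}

/*
 * Control-plane check used by .insert, .deactivate and sync gc:
 * pre-fix it read the live clock, post-fix it reads the transaction timestamp.
 */
static bool ctrl_plane_expired(const struct nft_net *nn, const struct nft_elem *e,
			       bool use_tstamp)
{
	return use_tstamp ? elem_expired_at(e, nn->tstamp) : elem_expired_now(e);
}

/*
 * One slow transaction over an element expiring at t=100: .insert runs at t=90,
 * the control plane stalls, and .deactivate / sync gc runs at t=105.
 * Returns how many of the two control-plane checks saw the element as expired.
 * Pre-fix the answer is 1 (the element changes state mid-transaction);
 * post-fix it is 0 (one consistent view for the whole transaction).
 */
static int expired_checks_in_transaction(bool use_tstamp)
{
	struct nft_net nn;
	struct nft_elem e = { .expiration = 100 };
	int expired = 0;

	mock_jiffies = 90;
	nft_transaction_begin(&nn);
	expired += ctrl_plane_expired(&nn, &e, use_tstamp);	/* .insert */

	mock_jiffies = 105;					/* control plane still busy */
	expired += ctrl_plane_expired(&nn, &e, use_tstamp);	/* .deactivate / sync gc */

	return expired;
}

/* The data path is deliberately unaffected by the fix: at t=105 it must still see expiry. */
static bool packet_path_sees_expired(void)
{
	struct nft_elem e = { .expiration = 100 };

	mock_jiffies = 105;
	return elem_expired_now(&e);
}

int main(void)
{
	printf("pre-fix : %d of 2 control-plane checks saw the element expired\n",
	       expired_checks_in_transaction(false));
	printf("post-fix: %d of 2 control-plane checks saw the element expired\n",
	       expired_checks_in_transaction(true));
	printf("packet path at t=105 sees expired: %s\n",
	       packet_path_sees_expired() ? "yes" : "no");
	return 0;
}
```

The point the model makes is the one the commit message states: the control plane must not observe an element flipping from live to expired between steps of a single transaction, while the lockless readers and the workqueue gc keep judging expiry by the real clock. This also frames the "Where problems could occur" section above: the change touches only which time value the control-plane paths compare against, so regressions would surface while rules and set elements are being added or modified.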
