Message ID | 20240104233752.57535-1-yuxuan.luo@canonical.com |
---|---|
Headers | show |
Series | CVE-2023-6622 | expand |
On 05/01/2024 00:37, Yuxuan Luo wrote: > [Impact] > A null pointer dereference vulnerability was found in nft_dynset_init() in > net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may > allow a local attacker with CAP_NET_ADMIN user privilege to trigger a > denial of service. > > [Backport] > Clean cherry pick. > > [Test] > Compile and boot tested. > > [Potential Regression] > Expect minimal regression potential. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: bail out on mismatching dynset and set > expressions > > net/netfilter/nft_dynset.c | 13 +++++++++---- > 1 file changed, 9 insertions(+), 4 deletions(-) > Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
On Thu, Jan 04, 2024 at 06:37:51PM -0500, Yuxuan Luo wrote: > [Impact] > A null pointer dereference vulnerability was found in nft_dynset_init() in > net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may > allow a local attacker with CAP_NET_ADMIN user privilege to trigger a > denial of service. > > [Backport] > Clean cherry pick. > > [Test] > Compile and boot tested. > > [Potential Regression] > Expect minimal regression potential. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: bail out on mismatching dynset and set > expressions > > net/netfilter/nft_dynset.c | 13 +++++++++---- > 1 file changed, 9 insertions(+), 4 deletions(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team Acked-by: Manuel Diewald <manuel.diewald@canonical.com>
On 05/01/2024 00:37, Yuxuan Luo wrote: > [Impact] > A null pointer dereference vulnerability was found in nft_dynset_init() in > net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may > allow a local attacker with CAP_NET_ADMIN user privilege to trigger a > denial of service. > > [Backport] > Clean cherry pick. > > [Test] > Compile and boot tested. > > [Potential Regression] > Expect minimal regression potential. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: bail out on mismatching dynset and set > expressions > > net/netfilter/nft_dynset.c | 13 +++++++++---- > 1 file changed, 9 insertions(+), 4 deletions(-) > Applied to mantic, lunar, jammy master-next branches. Thanks!