Message ID | 20240104194250.1880571-1-cascardo@canonical.com |
---|---|
Headers | show |
Series | CVE-2024-0193 | expand |
On 04/01/2024 20:42, Thadeu Lima de Souza Cascardo wrote: > [Impact] > A double deactivation of garbage collected netfilter set pipapo elements > can lead to a use-after-free, allowing unprivileged users to escalage > privileges when user namespaces are used. > > [Test case] > This was only built tested. > > [Potential impact] > nftables users would be affected. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: skip set commit for deleted/destroyed sets > > net/netfilter/nf_tables_api.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
On Thu, Jan 04, 2024 at 04:42:49PM -0300, Thadeu Lima de Souza Cascardo wrote: > [Impact] > A double deactivation of garbage collected netfilter set pipapo elements > can lead to a use-after-free, allowing unprivileged users to escalage > privileges when user namespaces are used. > > [Test case] > This was only built tested. > > [Potential impact] > nftables users would be affected. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: skip set commit for deleted/destroyed sets > > net/netfilter/nf_tables_api.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > -- > 2.34.1 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team Acked-by: Manuel Diewald <manuel.diewald@canonical.com>
On 04/01/2024 20:42, Thadeu Lima de Souza Cascardo wrote: > [Impact] > A double deactivation of garbage collected netfilter set pipapo elements > can lead to a use-after-free, allowing unprivileged users to escalage > privileges when user namespaces are used. > > [Test case] > This was only built tested. > > [Potential impact] > nftables users would be affected. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: skip set commit for deleted/destroyed sets > > net/netfilter/nf_tables_api.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > Applied to mantic, lunar, jammy master-next branches. Thanks!
Thadeu Lima de Souza Cascardo kirjoitti 4.1.2024 klo 21.42: > [Impact] > A double deactivation of garbage collected netfilter set pipapo elements > can lead to a use-after-free, allowing unprivileged users to escalage > privileges when user namespaces are used. > > [Test case] > This was only built tested. > > [Potential impact] > nftables users would be affected. > > Pablo Neira Ayuso (1): > netfilter: nf_tables: skip set commit for deleted/destroyed sets > > net/netfilter/nf_tables_api.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > applied to oem-6.1-prep, thanks