retire more issues

author: Moritz Muehlenhoff <jmm@debian.org> 2022-07-07 12:43:15 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2022-07-07 12:43:15 +0200
commit: 72b251bea4b1a603dab872f1d497c33540e57a80 (patch)
tree: f292e76c7a11418b69f8f24e6541fd43d0f659d5 /retired/CVE-2022-1016
parent: 9f018778e78a3ba4fe09eec16000260b0e33a2c3 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2022-1016 b/retired/CVE-2022-1016
new file mode 100644
index 00000000..d484414c
--- /dev/null
+++ b/retired/CVE-2022-1016
@@ -0,0 +1,17 @@
+Description: netfilter: nf_tables: initialize registers in nft_do_chain()
+References:
+ https://www.openwall.com/lists/oss-security/2022/03/28/5
+ http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/
+Notes:
+ carnil> Exploitable starting from commit 96518518cc41 (original merge
+ carnil> of nf_tables) in 3.13-rc1.
+ carnil> Fixed as well in 5.17.1 for 5.17.y and 5.16.18 for 5.16.y.
+Bugs:
+upstream: released (5.18-rc1) [4c905f6740a365464e91467aa50916555b28213d]
+5.10-upstream-stable: released (5.10.109) [2c74374c2e88c7b7992bf808d9f9391f7452f9d9]
+4.19-upstream-stable: released (4.19.237) [88791b79a1eb2ba94e95d039243e28433583a67b]
+4.9-upstream-stable: released (4.9.309) [4d28522acd1c4415c85f6b33463713a268f68965]
+sid: released (5.16.18-1)
+5.10-bullseye-security: released (5.10.113-1)
+4.19-buster-security: released (4.19.249-1)
+4.9-stretch-security: released (4.9.320-2)
author	Moritz Muehlenhoff <jmm@debian.org>	2022-07-07 12:43:15 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2022-07-07 12:43:15 +0200
commit	72b251bea4b1a603dab872f1d497c33540e57a80 (patch)
tree	f292e76c7a11418b69f8f24e6541fd43d0f659d5 /retired/CVE-2022-1016
parent	9f018778e78a3ba4fe09eec16000260b0e33a2c3 (diff)