diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-30 08:45:57 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-07-30 08:45:57 +0200 |
commit | 3b46845ba3f2046f0f13f282e6944171542f6d48 (patch) | |
tree | a06a90c36aec5dd933983417082ad404d92d22db /retired/CVE-2023-31248 | |
parent | ba39fec80faba0a074940bc900aa58c66d076ea0 (diff) |
Retire some CVEs
Diffstat (limited to 'retired/CVE-2023-31248')
-rw-r--r-- | retired/CVE-2023-31248 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2023-31248 b/retired/CVE-2023-31248 new file mode 100644 index 00000000..68231603 --- /dev/null +++ b/retired/CVE-2023-31248 @@ -0,0 +1,18 @@ +Description: nf_tables UAF when using nft_chain_lookup_byid +References: + https://www.openwall.com/lists/oss-security/2023/07/05/2 + https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/ + https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=515ad530795c118f012539ed76d02bacfd426d89 +Notes: + carnil> Issue introduced with 837830a4b439 ("netfilter: nf_tables: add + carnil> NFTA_RULE_CHAIN_ID attribute") in 5.9-rc1. + carnil> For 6.4.y fixed as well in 6.4.4. +Bugs: +upstream: released (6.5-rc2) [515ad530795c118f012539ed76d02bacfd426d89] +6.1-upstream-stable: released (6.1.39) [fc95c8b02c6160936f1f3d8d9d7f4f66f3c84b49] +5.10-upstream-stable: released (5.10.188) [4ae2e501331aaa506eaf760339bb2f43e5769395] +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: released (6.4.4-1) +6.1-bookworm-security: released (6.1.38-1) [bugfix/all/netfilter-nf_tables-do-not-ignore-genmask-when-looki.patch] +5.10-bullseye-security: released (5.10.179-2) [bugfix/all/netfilter-nf_tables-do-not-ignore-genmask-when-looki.patch] +4.19-buster-security: N/A "Vulnerable code not present" |