blob: 05522db57f041e9b68fa5cccc11b85bb4d91ed73 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: Linux kernel nf_tables cross-table reference UAF
References:
https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t
https://www.openwall.com/lists/oss-security/2022/08/09/5
https://www.openwall.com/lists/oss-security/2022/08/18/1
https://www.zerodayinitiative.com/advisories/ZDI-22-1118/
https://www.openwall.com/lists/oss-security/2022/08/29/5
Notes:
carnil> Fixed as well in 5.18.18 for 5.18.y and in 5.19.2 for 5.19.y.
Bugs:
upstream: released (6.0-rc1) [470ee20e069a6d05ae549f7d0ef2bdbcee6a81b2]
5.10-upstream-stable: released (5.10.137) [1a4b18b1ff11ba26f9a852019d674fde9d1d1cff]
4.19-upstream-stable: released (4.19.256) [77d3b5038b7462318f5183e2ad704b01d57215a2]
sid: released (5.18.16-1) [bugfix/all/netfilter-nf_tables-do-not-allow-SET_ID-to-refer-to-.patch]
5.10-bullseye-security: released (5.10.136-1) [bugfix/all/netfilter-nf_tables-do-not-allow-SET_ID-to-refer-to-.patch]
4.19-buster-security: released (4.19.260-1)
|