retired/CVE-2022-3435


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
References:
 https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern@kernel.org/T/#u
Notes:
 carnil> Commit fixes 493ced1ac47c ("ipv4: Allow routes to use nexthop
 carnil> objects") in 5.3-rc1.
 carnil> For 6.0.y fixed as well in 6.0.12.
Bugs:
upstream: released (6.1-rc1) [61b91eb33a69c3be11b259c5ea484505cd79f883]
5.10-upstream-stable: released (5.10.158) [0b5394229ebae09afc07aabccb5ffd705ffd250e]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.0.12-1)
5.10-bullseye-security: released (5.10.158-1)
4.19-buster-security: N/A "Vulnerable code not present"