blob: 775e8cf27cfbbad436af81dc3a6129c34dd661f1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: netfilter: nf_tables_offload: incorrect flow offload action array size
References:
https://www.openwall.com/lists/oss-security/2022/02/21/2
https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6
https://github.com/Bonfee/CVE-2022-25636
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
Notes:
carnil> Introduced in be2861dc36d7 ("netfilter: nft_{fwd,dup}_netdev:
carnil> add offload support") in 5.4-rc1.
Bugs:
upstream: released (5.17-rc6) [b1a5983f56e371046dcf164f90bfaf704d2b89f6]
5.10-upstream-stable: released (5.10.103) [68f19845f580a1d3ac1ef40e95b0250804e046bb]
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.16.11-1) [bugfix/all/netfilter-nf_tables_offload-incorrect-flow-offload-a.patch]
5.10-bullseye-security: released (5.10.103-1)
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"
|