[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2023-6817: Linux kernel: use-after-free in nf_tables
From:       Dominique Martinet <asmadeus () codewreck ! org>
Date:       2023-12-22 21:44:25
Message-ID: ZYYDOSmzhWZu8OxS () codewreck ! org
[Download RAW message or body]

Xingyuan Mo wrote on Fri, Dec 22, 2023 at 10:16:24AM +0800:
> I found a use-after-free vulnerability in the implementation of pipapo set
> in Linux kernel nf_tables, which can lead to DoS or local privilege
> escalation, with CAP_NET_ADMIN capability required. The bug is fixed in
> v6.7-rc5 kernel and the patch is:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=317eb9685095678f2c9f5a8189de698c5354316a
> 

For anyone who'd do the same thing:
 - that commit marks Fixes 3c4287f62044 which was introduced in 5.6
 - it's already been backported to stable tree (5.10.204, 5.15.143,
 6.1.68 and 6.6.7)


Thanks,
-- 
Dominique


[prev in list] [next in list] [prev in thread] [next in thread]