mbox series

[SRU,Mantic,Lunar,0/2] CVE-2023-5972

Message ID 20231204174527.16125-1-bethany.jamison@canonical.com
Headers show
Series CVE-2023-5972 | expand

Message

Bethany Jamison Dec. 4, 2023, 5:45 p.m. UTC 
[Impact]

A null pointer dereference flaw was found in the nft_inner.c functionality
of netfilter in the Linux kernel. This issue could allow a local user to
crash the system or escalate their privileges on the system.

[Fix]

Clean cherry-picks.

[Test]

Compile and boot test.

[Where problems could occur]

Issues could occur in netfilter.

Xingyuan Mo (2):
  nf_tables: fix NULL pointer dereference in nft_inner_init()
  nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()

 net/netfilter/nf_tables_api.c | 2 +-
 net/netfilter/nft_inner.c     | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

Comments

Tim Gardner Dec. 4, 2023, 5:55 p.m. UTC | #1 
On 12/4/23 10:45 AM, Bethany Jamison wrote:
> [Impact]
> 
> A null pointer dereference flaw was found in the nft_inner.c functionality
> of netfilter in the Linux kernel. This issue could allow a local user to
> crash the system or escalate their privileges on the system.
> 
> [Fix]
> 
> Clean cherry-picks.
> 
> [Test]
> 
> Compile and boot test.
> 
> [Where problems could occur]
> 
> Issues could occur in netfilter.
> 
> Xingyuan Mo (2):
>    nf_tables: fix NULL pointer dereference in nft_inner_init()
>    nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()
> 
>   net/netfilter/nf_tables_api.c | 2 +-
>   net/netfilter/nft_inner.c     | 1 +
>   2 files changed, 2 insertions(+), 1 deletion(-)
> 
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Manuel Diewald Dec. 5, 2023, 4:31 p.m. UTC | #2 
On Mon, Dec 04, 2023 at 11:45:25AM -0600, Bethany Jamison wrote:
> [Impact]
> 
> A null pointer dereference flaw was found in the nft_inner.c functionality
> of netfilter in the Linux kernel. This issue could allow a local user to
> crash the system or escalate their privileges on the system.
> 
> [Fix]
> 
> Clean cherry-picks.
> 
> [Test]
> 
> Compile and boot test.
> 
> [Where problems could occur]
> 
> Issues could occur in netfilter.
> 
> Xingyuan Mo (2):
>   nf_tables: fix NULL pointer dereference in nft_inner_init()
>   nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()
> 
>  net/netfilter/nf_tables_api.c | 2 +-
>  net/netfilter/nft_inner.c     | 1 +
>  2 files changed, 2 insertions(+), 1 deletion(-)
> 
> -- 
> 2.34.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Acked-by: Manuel Diewald <manuel.diewald@canonical.com>
Stefan Bader Dec. 14, 2023, 2:21 p.m. UTC | #3 
On 04.12.23 18:45, Bethany Jamison wrote:
> [Impact]
> 
> A null pointer dereference flaw was found in the nft_inner.c functionality
> of netfilter in the Linux kernel. This issue could allow a local user to
> crash the system or escalate their privileges on the system.
> 
> [Fix]
> 
> Clean cherry-picks.
> 
> [Test]
> 
> Compile and boot test.
> 
> [Where problems could occur]
> 
> Issues could occur in netfilter.
> 
> Xingyuan Mo (2):
>    nf_tables: fix NULL pointer dereference in nft_inner_init()
>    nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()
> 
>   net/netfilter/nf_tables_api.c | 2 +-
>   net/netfilter/nft_inner.c     | 1 +
>   2 files changed, 2 insertions(+), 1 deletion(-)
> 

Applied to mantic,lunar:linux/master-next. Thanks.

-Stefan