| Message ID | 20240801114757.50429-1-hannah.peuckmann@canonical.com |
|---|---|
| Headers | show
Return-Path: <kernel-team-bounces@lists.ubuntu.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WZRzv45scz1ydq for <incoming@patchwork.ozlabs.org>; Thu, 1 Aug 2024 21:48:10 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from <kernel-team-bounces@lists.ubuntu.com>) id 1sZUHq-0007e3-JY; Thu, 01 Aug 2024 11:48:02 +0000 Received: from smtp-relay-internal-0.internal ([10.131.114.225] helo=smtp-relay-internal-0.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from <hannah.peuckmann@canonical.com>) id 1sZUHp-0007dO-H0 for kernel-team@lists.ubuntu.com; Thu, 01 Aug 2024 11:48:01 +0000 Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id EA7843F298 for <kernel-team@lists.ubuntu.com>; Thu, 1 Aug 2024 11:48:00 +0000 (UTC) Received: by mail-wm1-f71.google.com with SMTP id 5b1f17b1804b1-4267378f538so9118795e9.1 for <kernel-team@lists.ubuntu.com>; Thu, 01 Aug 2024 04:48:00 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722512880; x=1723117680; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=P2J8zVu0jj41X3s6jA/ru2TyLk8YY13Q7LzSNReLfCY=; b=UQ2DGfN3QDLrTzeZSfgNI4HEgW/KlM+71kPXFlxHUTsSsdWsNwSPhfVSTF1CfaElmt qC3qsjeikbdeh+Pani/fHTcRk6wAxZDo1GpSXExAjXujNIXjAbcfU0exHiPusjwkUDsJ m2QslIbo+gyqyZw7pHPXFV5z0a4q/b8ZECOtK+OUgb8bneTnfqc07qQ2ZV1gWXjd/ehK bnoVPCSM0cdUVT2ZcdTG0KTq1d0u9kSmdzZHN4zOTdsNm45w8xVJ0nvUI18EOUXKjBA1 bWC5RfiiO088Sew0bszmqvZmC5ShhfZNZz5hOCDH3QsRnWTuxkPKvACxkK869zAAQse0 bRJQ== X-Gm-Message-State: AOJu0Yw4GUX86Fo+H9ou8+Gsm2PpkcyT5HC8U0GQW09zlSGeNFV0bUSz R1S3Q5MO5N2SkuUkph/WdMR4vwje9saFOwXwO09NwaJTcuqAjQxDiDrPhfpTIZ2gWPSk+XFrwXu ISL0S2PJss1mV8xtpFXf7i6pF8GNph1+c4hgYis4YpF/mL5ShSulTCoFUG0GLsR+1UfZSkH2FSQ bIN0JuLbT6QHOq X-Received: by 2002:a05:600c:5116:b0:425:65b1:abb4 with SMTP id 5b1f17b1804b1-428a4297bf0mr11831105e9.0.1722512879697; Thu, 01 Aug 2024 04:47:59 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEZSPCreMbsAoidkp+oz6dH3A8V3cqCFkS79fW9PMwv7HP7Ip2J240Mh+XOKO25g0QoNdpAfA== X-Received: by 2002:a05:600c:5116:b0:425:65b1:abb4 with SMTP id 5b1f17b1804b1-428a4297bf0mr11831005e9.0.1722512879124; Thu, 01 Aug 2024 04:47:59 -0700 (PDT) Received: from bojack.home (085081016045.dynamic.telenor.dk. [85.81.16.45]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4282b8ad475sm55525375e9.13.2024.08.01.04.47.58 for <kernel-team@lists.ubuntu.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 04:47:58 -0700 (PDT) From: Hannah Peuckmann <hannah.peuckmann@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][J/F][PATCH 0/1] CVE-2024-27012 Date: Thu, 1 Aug 2024 13:47:55 +0200 Message-ID: <20240801114757.50429-1-hannah.peuckmann@canonical.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com> List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe> List-Archive: <https://lists.ubuntu.com/archives/kernel-team> List-Post: <mailto:kernel-team@lists.ubuntu.com> List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help> List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com> |
| Series |
CVE-2024-27012
|
expand
|
[Impact] The existing code in nf_tables has an issue where set elements are not properly restored when the delete set operation fails. [Fix] This patch ensures that all set elements are correctly handled during the delete operation, maintaining the integrity of the nf_tables. Noble: done Jammy: applied, fixed context conflicts Focal: applied, fixed context conflicts Bionic: not affected Xenial: not affected Trusty: not affected Focal and Jammy are missing the following commit: 0e1ea651c9717dd ("netfilter: nf_tables: shrink memory consumption of set elements") This introduced context conflicts in net/netfilter/nf_tables_api.c but they aren't related to the fix and are relatively straightforward to resolve. [Test Case] Compiled and booted. [Where problems could occur] This fix affects those who use the nf_tables in netfilter. An issue with this fix could result in unexpected behaviour or inconsistencies in the netfilter tables. Pablo Neira Ayuso (1): netfilter: nf_tables: restore set elements when delete set fails net/netfilter/nf_tables_api.c | 25 +++++++++++++++++++++++++ net/netfilter/nft_set_bitmap.c | 4 +--- net/netfilter/nft_set_hash.c | 8 ++------ net/netfilter/nft_set_rbtree.c | 4 +--- 4 files changed, 29 insertions(+), 12 deletions(-)