| Message ID | 20240801153813.61841-1-hannah.peuckmann@canonical.com |
|---|---|
| Headers | show
Return-Path: <kernel-team-bounces@lists.ubuntu.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WZY5Z6qR6z1ybX for <incoming@patchwork.ozlabs.org>; Fri, 2 Aug 2024 01:38:26 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from <kernel-team-bounces@lists.ubuntu.com>) id 1sZXsf-00072R-M8; Thu, 01 Aug 2024 15:38:17 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from <hannah.peuckmann@canonical.com>) id 1sZXse-00072J-Uf for kernel-team@lists.ubuntu.com; Thu, 01 Aug 2024 15:38:16 +0000 Received: from mail-lf1-f69.google.com (mail-lf1-f69.google.com [209.85.167.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 9DE073F048 for <kernel-team@lists.ubuntu.com>; Thu, 1 Aug 2024 15:38:16 +0000 (UTC) Received: by mail-lf1-f69.google.com with SMTP id 2adb3069b0e04-52f028a33aaso750220e87.3 for <kernel-team@lists.ubuntu.com>; Thu, 01 Aug 2024 08:38:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722526696; x=1723131496; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=eX9xUOFMBY94xyW92MAsJKqNSweqFMCCbyMZFqSrZjg=; b=djMxTgu6Pf7Vx++K0NE8vEVdseHEko0t4j7dNOV3aSTuGncf5/yAYqmfWm7Cpoql90 k/p0lHy/jNg0q6cE7PpTf/Pm+J/rAVNml2fGUtiaNZMY5H7GPZA4Z3zC8Z4PLk4PHWzp LWNbe6fSG/duGLGPR34i6yYI1tAnkq7rPlo4G5iNZM734JenTWCtQF++ckGBXI27UnOm CUCD/IGvZ1ozU0hYnWCFcE2TqjayzkjGvJdeCfFwjZrLHJFqlS5DTHBPV77K9yketBhM ht+4YVPKrcUHJKayttGc67/NHFrsqZFHw6lqBNWLRY/5gT2pQlWKMHxk1xGJqoiBB5IM mHmw== X-Gm-Message-State: AOJu0YwWTy5sFqBBr7krRPT4Cd+05PTnabYXvHMIb07P3KRjYNXtoXGe gfZ2vgEtDob/liuuxQAf9OjEFrvRRGRaqX/ptrgpNuqqvwavZFZZd9S6QrlEe3sgSjfzpp7chMd /GnC2Zvk57AjWx4TXBgxPDRqeoot39wIj2t6okxBu+kavtD57fpKyGrEOsRyirUVaHonRPa8GLc wK/2pDLavg9Ytk X-Received: by 2002:ac2:4caa:0:b0:52e:9b87:2340 with SMTP id 2adb3069b0e04-530bb3bd47amr82630e87.6.1722526695575; Thu, 01 Aug 2024 08:38:15 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEWzIMR/2aPwhAWDf94hQPNR9Q+MYg0CammfpXOi6m0HnPkoBJdHdIDhhAzg68Xx5lfcm+pKg== X-Received: by 2002:ac2:4caa:0:b0:52e:9b87:2340 with SMTP id 2adb3069b0e04-530bb3bd47amr82623e87.6.1722526694881; Thu, 01 Aug 2024 08:38:14 -0700 (PDT) Received: from bojack.home (085081016045.dynamic.telenor.dk. [85.81.16.45]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-36b367c0113sm19698759f8f.14.2024.08.01.08.38.14 for <kernel-team@lists.ubuntu.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Aug 2024 08:38:14 -0700 (PDT) From: Hannah Peuckmann <hannah.peuckmann@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][J/F][PATCH v2 0/1] CVE-2024-27012 Date: Thu, 1 Aug 2024 17:38:11 +0200 Message-ID: <20240801153813.61841-1-hannah.peuckmann@canonical.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com> List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe> List-Archive: <https://lists.ubuntu.com/archives/kernel-team> List-Post: <mailto:kernel-team@lists.ubuntu.com> List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help> List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com> |
| Series |
CVE-2024-27012
|
expand
|
[Impact] The existing code in nf_tables has an issue where set elements are not properly restored when the delete set operation fails. [Fix] This patch ensures that all set elements are correctly handled during the delete operation, maintaining the integrity of the nf_tables. Noble: done Jammy: applied, fixed context conflicts Focal: applied, fixed context conflicts Bionic: not affected Xenial: not affected Trusty: not affected Focal and Jammy are missing the following commit: 0e1ea651c9717dd ("netfilter: nf_tables: shrink memory consumption of set elements") This introduced context conflicts in nf_tables_api.c and for jammy also in nft_set_pipapo.c, but they aren't related to the fix and are relatively straightforward to resolve. [Test Case] Compiled and booted. [Where problems could occur] This fix affects those who use the nf_tables in netfilter. An issue with this fix could result in unexpected behaviour or inconsistencies in the netfilter tables. Pablo Neira Ayuso (1): netfilter: nf_tables: restore set elements when delete set fails net/netfilter/nf_tables_api.c | 25 +++++++++++++++++++++++++ net/netfilter/nft_set_bitmap.c | 4 +--- net/netfilter/nft_set_hash.c | 8 ++------ net/netfilter/nft_set_rbtree.c | 4 +--- 4 files changed, 29 insertions(+), 12 deletions(-)