APPLIED [OEM-5.14/OEM-5.17] Re: [SRU][OEM-5.14/Jammy/OEM-5.17][PATCH 0/1] CVE-2022-34918
Timo Aaltonen
tjaalton at ubuntu.com
Thu Jul 7 07:36:59 UTC 2022
Cengiz Can wrote on 6.7.2022 at 18.24:
> [Impact]
> An issue was discovered in the Linux kernel through 5.18.9. A type
> confusion bug in nft_set_elem_init (leading to a buffer overflow) could
> be used by a local attacker to escalate privileges, a different
> vulnerability than CVE-2022-32250. (The attacker can obtain root access,
> but must start with an unprivileged user namespace to obtain
> CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in
> net/netfilter/nf_tables_api.c.
>
> [Fix]
> Fix was cherry-picked from net tree.
>
> [Test case]
> Publicly shared PoC was tested with `slub_debug=FZP`.
> Made sure that PoC is no longer applicable after patch.
>
> [Potential regression]
> Unknown.
>
> Pablo Neira Ayuso (1):
> netfilter: nf_tables: stricter validation of element data
>
> net/netfilter/nf_tables_api.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
applied to oem kernels, thanks
--
t