*** This bug is a security vulnerability ***
Private security bug reported:
[Impact]
When adding objects/sets/elements on the same nftables netlink batch, there can
be cross-table references. When a table is deleted, references to freed objects
may be left, leading to use-after-free vulnerabilities.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Public to Private Security
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1983154
Title:
nft allows references to objects on different tables
Status in linux package in Ubuntu:
New
Bug description:
[Impact]
When adding objects/sets/elements on the same nftables netlink batch, there
can be cross-table references. When a table is deleted, references to freed
objects may be left, leading to use-after-free vulnerabilities.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1983154/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
