*** This bug is a security vulnerability *** Private security bug reported:
[Impact] When adding objects/sets/elements on the same nftables netlink batch, there can be cross-table references. When a table is deleted, references to freed objects may be left, leading to use-after-free vulnerabilities. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Information type changed from Public to Private Security -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1983154 Title: nft allows references to objects on different tables Status in linux package in Ubuntu: New Bug description: [Impact] When adding objects/sets/elements on the same nftables netlink batch, there can be cross-table references. When a table is deleted, references to freed objects may be left, leading to use-after-free vulnerabilities. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1983154/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp