Back to bug 2212140
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Rohit Keshri | 2023-06-04 09:35:14 UTC | CC | acaringi, allarkin, bhu, chwhite, dbohanno, ddepaula, debarbos, dvlasenk, ezulian, hkrzesin, jarod, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lleshchi, lzampier, nmurray, ptalbert, qzhao, rrobaina, rvrbovsk, rysulliv, scweaver, swood, tyberry, walters, wcosta, williams, wmealing, ycote | |
| Rohit Keshri | 2023-06-04 09:41:14 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Product Security DevOps Team | 2023-06-04 14:46:55 UTC | Status | NEW | CLOSED |
| | | Resolution | --- | WONTFIX |
| | | Last Closed | 2023-06-04 14:46:55 UTC | |
| Paige Jung | 2023-06-05 14:46:32 UTC | Doc Text | A vulnerability was found in net/netfilter/x_tables.c in netfilter in the Linux Kernel. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. | A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. |
| Mauro Matteo Cascella | 2023-06-06 13:28:26 UTC | Fixed In Version | Kernel 5.10~23 | kernel 5.10 |
| Jan Pazdziora | 2023-07-27 08:52:23 UTC | CC | jpazdziora | |
| | | Flags | needinfo?(rkeshri) | |
| | | Doc Type | --- | If docs needed, set a value |
| RaTasha Tillery-Smith | 2023-07-27 13:21:45 UTC | Doc Text | A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. | A use-after-free flaw was found in the packet processing context in net/netfilter/x_tables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. |
| Rohit Keshri | 2023-08-13 14:22:32 UTC | Flags | needinfo?(rkeshri) | |
| Jan Pazdziora | 2023-08-14 08:29:40 UTC | Flags | needinfo?(rkeshri) | |
| Mauro Matteo Cascella | 2023-08-14 09:27:16 UTC | Depends On | 2231817, 2231818 | |
| Mauro Matteo Cascella | 2023-08-14 09:30:59 UTC | Depends On | 1906915 | |
| Mauro Matteo Cascella | 2023-08-14 09:31:02 UTC | Depends On | 1858099 | |
| Mauro Matteo Cascella | 2023-08-14 09:35:03 UTC | Flags | needinfo?(rkeshri) | |