Back to bug 2220892

| Who | When | What | Removed | Added |
|---|---|---|---|---|
| TEJ RATHI | 2023-07-06 13:05:26 UTC | CC | | acaringi, allarkin, bhu, chwhite, dbohanno, ddepaula, debarbos, dvlasenk, ezulian, hkrzesin, jarod, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lleshchi, lzampier, nmurray, ptalbert, qzhao, rrobaina, rvrbovsk, rysulliv, scweaver, swood, tglozar, tyberry, walters, wcosta, williams, wmealing, ycote, ymankad |
| TEJ RATHI | 2023-07-06 13:07:35 UTC | CC | | dfreiber, jburrell, rogbas, vkumar |
| TEJ RATHI | 2023-07-06 13:11:43 UTC | Blocks | | 2220897 |
| TEJ RATHI | 2023-07-07 06:16:13 UTC | Depends On | | 2221046, 2221047 |
| Red Hat Bugzilla | 2023-07-07 08:30:31 UTC | Assignee | security-response-team | nobody |
| Florian Westphal | 2023-07-09 21:59:43 UTC | Flags | | needinfo?(trathi) |
| | | CC | | fwestpha |
| TEJ RATHI | 2023-07-10 13:26:15 UTC | Flags | needinfo?(trathi) | needinfo?(rkeshri) |
| | | CC | | rkeshri |
| Rohit Keshri | 2023-07-10 15:32:24 UTC | Alias | TRIAGE-CVE-2023-35001 | CVE-2023-35001, ZDI-CAN-20721 |
| | | Summary | TRIAGE-CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() | CVE-2023-35001 TRIAGE-CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() |
| Rohit Keshri | 2023-07-10 15:48:55 UTC | Severity | medium | high |
| | | Priority | medium | high |
| Rohit Keshri | 2023-07-10 15:56:02 UTC | Depends On | | 2221721, 2221719, 2221722, 2221717, 2221718, 2221726, 2221720, 2221724, 2221725, 2221727, 2221723 |
| Rohit Keshri | 2023-07-10 16:02:37 UTC | Depends On | | 2221732, 2221730, 2221729, 2221737, 2221735, 2221733, 2221734, 2221736, 2221731 |
| Rohit Keshri | 2023-07-10 16:29:16 UTC | CC | | jpoimboe, kpatch-maint, rhandlin |
| Rohit Keshri | 2023-07-10 16:36:56 UTC | Depends On | | 2221755, 2221752, 2221754, 2221750, 2221751, 2221756, 2221749, 2221753, 2221747, 2221745, 2221748, 2221746, 2221744 |
| Rohit Keshri | 2023-07-10 16:59:50 UTC | Summary | CVE-2023-35001 TRIAGE-CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() | CVE-2023-35001 CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() |
| Rohit Keshri | 2023-07-10 17:01:29 UTC | Depends On | | 2221759 |
| Rohit Keshri | 2023-07-10 17:08:29 UTC | Summary | CVE-2023-35001 CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() | CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() |
| | | Flags | needinfo?(rkeshri) | |
| Rohit Keshri | 2023-07-10 18:54:41 UTC | Doc Text | | An out-of-bounds (OOB) memory access flaw was found in the netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A boundscheck failure allows a local attacker with CAP_NET_ADMIN access to exploit for a Local Privilege Escalation problem due to wrong data alignment. |
| Rohit Keshri | 2023-07-10 18:55:02 UTC | Doc Text | An out-of-bounds (OOB) memory access flaw was found in the netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A boundscheck failure allows a local attacker with CAP_NET_ADMIN access to exploit for a Local Privilege Escalation problem due to wrong data alignment. | An out-of-bounds (OOB) memory access flaw was found in the netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to exploit for a Local Privilege Escalation problem due to wrong data alignment. |
| RaTasha Tillery-Smith | 2023-07-11 14:38:34 UTC | Doc Text | An out-of-bounds (OOB) memory access flaw was found in the netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to exploit for a Local Privilege Escalation problem due to wrong data alignment. | An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel's nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment. |
| Joerg | 2023-07-20 11:44:53 UTC | CC | | jkastnin |
