Back to bug 2225275
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Alex | 2023-07-24 20:36:49 UTC | Depends On | 2225277, 2225276 | |
| Beth Uptagrafft | 2023-07-28 19:05:34 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-07-30 11:00:19 UTC | Summary | TRIAGE kernel: netfilter: nft_set_pipapo: improper element removal in function nft_pipapo_remove when insert an element without a NFT_SET_EXT_KEY_END that can lead to use-after-free | kernel: netfilter: nft_set_pipapo: improper element removal in function nft_pipapo_remove when insert an element without a NFT_SET_EXT_KEY_END that can lead to use-after-free |
| Alex | 2023-07-30 11:29:34 UTC | Depends On | 2227503 | |
| Alex | 2023-07-30 11:38:49 UTC | Depends On | 2227508, 2227512, 2227511, 2227510, 2227519, 2227516, 2227514, 2227506, 2227517, 2227509, 2227507, 2227504, 2227513, 2227515, 2227518, 2227505 | |
| Alex | 2023-07-30 11:42:25 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-07-30 11:46:27 UTC | Doc Text | A flaw use after free in the Linux kernel netfilter was found in the way user triggers nft_pipapo_remove function with the element without a NFT_SET_EXT_KEY_END. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | |
| Alex | 2023-07-30 11:58:34 UTC | Summary | kernel: netfilter: nft_set_pipapo: improper element removal in function nft_pipapo_remove when insert an element without a NFT_SET_EXT_KEY_END that can lead to use-after-free | CVE-2023-4004 kernel: netfilter: nft_set_pipapo: improper element removal in function nft_pipapo_remove when insert an element without a NFT_SET_EXT_KEY_END that can lead to use-after-free |
| Alias | CVE-2023-4004 | |||
| Alex | 2023-07-30 12:02:12 UTC | Fixed In Version | kernel 6.5-rc5 | |
| Paige Jung | 2023-07-31 16:09:20 UTC | Doc Text | A flaw use after free in the Linux kernel netfilter was found in the way user triggers nft_pipapo_remove function with the element without a NFT_SET_EXT_KEY_END. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. | A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. |
| Joe Lawrence | 2023-08-02 15:14:10 UTC | Flags | needinfo?(allarkin) | |
| Scott Weaver | 2023-08-02 19:25:26 UTC | Flags | needinfo?(allarkin) | |
| Alex | 2023-08-03 09:57:13 UTC | CC | jpoimboe, kpatch-maint, rhandlin | |
| Alex | 2023-08-03 09:59:41 UTC | Depends On | 2228794, 2228797, 2228798, 2228800, 2228795, 2228796, 2228799 | |
| Alex | 2023-08-03 10:23:49 UTC | Flags | needinfo?(allarkin) needinfo?(allarkin) |
Back to bug 2225275