An out-of-bounds (OOB) memory access flaw was found in nft_fwd_dup_netdev_offload in net/netfilter/nf_dup_netdev.c in netfilter subcomponent in the Linux kernel due to a heap out of bounds write problem. In this flaw, an attacker with a user account on the system to gain access to out-of-bounds memory leads to a system crash or a privilege escalation threat. Reference: https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 https://www.openwall.com/lists/oss-security/2022/02/21/2
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 https://www.openwall.com/lists/oss-security/2022/02/21/2
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2056863]
This was fixed for Fedora with the 5.16.12 stable kernel updates.
Does it matter if netfilter is in use (e.g. -- firewall enabled or disabled)? I cannot find any definitive answer from the mailing list or elsewhere.
Created kernel tracking bugs for this issue: Affects: ovirt-4.4 [ bug 2065576 ]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1413 https://access.redhat.com/errata/RHSA-2022:1413
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1418 https://access.redhat.com/errata/RHSA-2022:1418
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1455 https://access.redhat.com/errata/RHSA-2022:1455
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1535 https://access.redhat.com/errata/RHSA-2022:1535
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1555 https://access.redhat.com/errata/RHSA-2022:1555
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1550 https://access.redhat.com/errata/RHSA-2022:1550
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2022:4896 https://access.redhat.com/errata/RHSA-2022:4896
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-25636