Add CVE-2022-1972

author: Salvatore Bonaccorso <carnil@debian.org> 2022-06-02 12:49:01 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-06-02 12:49:01 +0200
commit: 8a96e67a753f4df83859f97f56ff376356ad1357 (patch)
tree: 07685527ff2dcceea5724eb47071104730be645a /active
parent: 303840079fc5729ba23be5f471e10d4cf7e38cf8 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/active/CVE-2022-1972 b/active/CVE-2022-1972
new file mode 100644
index 000000000..17c1991e3
--- /dev/null
+++ b/active/CVE-2022-1972
@@ -0,0 +1,17 @@
+Description: netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
+ https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=fecf31ee395b0295f2d7260aa29946b7605f7c85
+ https://www.openwall.com/lists/oss-security/2022/06/02/1
+References:
+Notes:
+ carnil> Commit fixes f3a2181e16f1 ("netfilter: nf_tables: Support for
+ carnil> sets with multiple ranged fields") in 5.6-rc1.
+Fixes: 
+Bugs:
+upstream: needed
+5.10-upstream-stable: needed
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: "Vulnerable code not present"
+sid: needed
+5.10-bullseye-security: needed
+4.19-buster-security: "Vulnerable code not present"
+4.9-stretch-security: "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-06-02 12:49:01 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-06-02 12:49:01 +0200
commit	8a96e67a753f4df83859f97f56ff376356ad1357 (patch)
tree	07685527ff2dcceea5724eb47071104730be645a /active
parent	303840079fc5729ba23be5f471e10d4cf7e38cf8 (diff)