summaryrefslogtreecommitdiffstats
path: root/retired
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2023-07-30 08:45:57 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2023-07-30 08:45:57 +0200
commit3b46845ba3f2046f0f13f282e6944171542f6d48 (patch)
treea06a90c36aec5dd933983417082ad404d92d22db /retired
parentba39fec80faba0a074940bc900aa58c66d076ea0 (diff)
Retire some CVEs
Diffstat (limited to 'retired')
-rw-r--r--retired/CVE-2023-3124818
-rw-r--r--retired/CVE-2023-3223314
-rw-r--r--retired/CVE-2023-361014
3 files changed, 46 insertions, 0 deletions
diff --git a/retired/CVE-2023-31248 b/retired/CVE-2023-31248
new file mode 100644
index 00000000..68231603
--- /dev/null
+++ b/retired/CVE-2023-31248
@@ -0,0 +1,18 @@
+Description: nf_tables UAF when using nft_chain_lookup_byid
+References:
+ https://www.openwall.com/lists/oss-security/2023/07/05/2
+ https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/
+ https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=515ad530795c118f012539ed76d02bacfd426d89
+Notes:
+ carnil> Issue introduced with 837830a4b439 ("netfilter: nf_tables: add
+ carnil> NFTA_RULE_CHAIN_ID attribute") in 5.9-rc1.
+ carnil> For 6.4.y fixed as well in 6.4.4.
+Bugs:
+upstream: released (6.5-rc2) [515ad530795c118f012539ed76d02bacfd426d89]
+6.1-upstream-stable: released (6.1.39) [fc95c8b02c6160936f1f3d8d9d7f4f66f3c84b49]
+5.10-upstream-stable: released (5.10.188) [4ae2e501331aaa506eaf760339bb2f43e5769395]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.4.4-1)
+6.1-bookworm-security: released (6.1.38-1) [bugfix/all/netfilter-nf_tables-do-not-ignore-genmask-when-looki.patch]
+5.10-bullseye-security: released (5.10.179-2) [bugfix/all/netfilter-nf_tables-do-not-ignore-genmask-when-looki.patch]
+4.19-buster-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2023-32233 b/retired/CVE-2023-32233
new file mode 100644
index 00000000..90e2de8e
--- /dev/null
+++ b/retired/CVE-2023-32233
@@ -0,0 +1,14 @@
+Description: netfilter: nf_tables: deactivate anonymous set from preparation phase
+References:
+ https://www.openwall.com/lists/oss-security/2023/05/08/4
+ https://www.openwall.com/lists/oss-security/2023/05/15/5
+Notes:
+Bugs:
+upstream: released (6.4-rc1) [c1592a89942e9678f7d9c8030efa777c0d57edab]
+6.1-upstream-stable: released (6.1.28) [4507918cd1f8b80f21a396fa0531d53e372bed66]
+5.10-upstream-stable: released (5.10.180) [e044a24447189419c3a7ccc5fa6da7516036dc55]
+4.19-upstream-stable: released (4.19.283) [c6989314fd809c5eaf4980d6fa474f19fc653d6c]
+sid: released (6.1.27-1) [bugfix/all/netfilter-nf_tables-deactivate-anonymous-set-from-pr.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: released (5.10.179-1) [bugfix/all/netfilter-nf_tables-deactivate-anonymous-set-from-pr.patch]
+4.19-buster-security: released (4.19.289-1)
diff --git a/retired/CVE-2023-3610 b/retired/CVE-2023-3610
new file mode 100644
index 00000000..39e348ba
--- /dev/null
+++ b/retired/CVE-2023-3610
@@ -0,0 +1,14 @@
+Description: netfilter: nf_tables: fix chain binding transaction logic
+References:
+Notes:
+ carnil> Commit fixes d0e2c7de92c7 ("netfilter: nf_tables: add
+ carnil> NFT_CHAIN_BINDING") in 5.9-rc1.
+Bugs:
+upstream: released (6.4) [4bedf9eee016286c835e3d8fa981ddece5338795]
+6.1-upstream-stable: released (6.1.36) [891cd2edddc76c58e842706ad27e2ff96000bd5d]
+5.10-upstream-stable: released (5.10.188) [d53c295c1f43b7460d28ba0f0f98a602084fdcb6]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.3.11-1)
+6.1-bookworm-security: released (6.1.37-1)
+5.10-bullseye-security: released (5.10.179-3) [bugfix/all/netfilter-nf_tables-fix-chain-binding-transaction-lo.patch]
+4.19-buster-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy