Date: Tue, 30 Aug 2022 12:27:44 +1000 From: David Leadbeater <dgl@....cx> To: oss-security@...ts.openwall.com Subject: CVE-2022-2663: Linux netfilter: nf_conntrack_irc message handling Description: I've found an issue in nf_conntrack_irc where the message handling can be confused and it incorrectly matches on the message. Impact: A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. Mitigations: Linux: Disable nf_conntrack_irc (remove any --helper irc rules, and/or unload the kernel module) MikroTik: Remove IRC from the service ports list (/ip firewall/service-port/disable irc) Fix is posted here: https://email@example.com/T/ It will be making its way into upstream Linux soon. I'll update in a couple of days with complete details. David
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.