Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 23 Dec 2023 06:44:25 +0900
From: Dominique Martinet <>
Subject: Re: CVE-2023-6817: Linux kernel: use-after-free in

Xingyuan Mo wrote on Fri, Dec 22, 2023 at 10:16:24AM +0800:
> I found a use-after-free vulnerability in the implementation of pipapo set
> in Linux kernel nf_tables, which can lead to DoS or local privilege
> escalation, with CAP_NET_ADMIN capability required. The bug is fixed in
> v6.7-rc5 kernel and the patch is:

For anyone who'd do the same thing:
 - that commit marks Fixes 3c4287f62044 which was introduced in 5.6
 - it's already been backported to stable tree (5.10.204, 5.15.143,
 6.1.68 and 6.6.7)


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.