A flaw was found in the Netfilter subsystem of the Linux kernel. A race
condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel
panic due to the invocation of __ip_set_put
on a wrong set
. This issue
may allow a local user to crash the system.
Author | Note |
---|---|
Priority reason: By using unprivileged user namespaces, this can be exploited to achieve denial of service or code execution. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < 5.4.0-165.182 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-87.97 | UNKNOWN |
ubuntu | 23.04 | noarch | linux | < 6.2.0-35.35 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < 6.5.0-10.10 | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1112.121 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1048.53 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-aws | < 6.2.0-1014.14 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1009.9 | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/7433b6d2afd512d04398c73aa984d1e285be125b (6.6-rc3)
launchpad.net/bugs/cve/CVE-2023-42756
lore.kernel.org/netfilter-devel/ZPZqetxOmH+w%2Fmyc@westworld/#r
nvd.nist.gov/vuln/detail/CVE-2023-42756
security-tracker.debian.org/tracker/CVE-2023-42756
ubuntu.com/security/notices/USN-6441-1
ubuntu.com/security/notices/USN-6441-2
ubuntu.com/security/notices/USN-6441-3
ubuntu.com/security/notices/USN-6442-1
ubuntu.com/security/notices/USN-6443-1
ubuntu.com/security/notices/USN-6444-1
ubuntu.com/security/notices/USN-6444-2
ubuntu.com/security/notices/USN-6445-1
ubuntu.com/security/notices/USN-6445-2
ubuntu.com/security/notices/USN-6446-1
ubuntu.com/security/notices/USN-6446-2
ubuntu.com/security/notices/USN-6446-3
ubuntu.com/security/notices/USN-6454-1
ubuntu.com/security/notices/USN-6454-2
ubuntu.com/security/notices/USN-6454-3
ubuntu.com/security/notices/USN-6454-4
ubuntu.com/security/notices/USN-6466-1
ubuntu.com/security/notices/USN-6479-1
www.cve.org/CVERecord?id=CVE-2023-42756
www.openwall.com/lists/oss-security/2023/09/27/2