In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: Fix suspicious rcu_dereference_protected()
When destroying all sets, we are either in pernet exit phase or
are executing a “destroy all sets command” from userspace. The latter
was taken into account in ip_set_dereference() (nfnetlink mutex is held),
but the former was not. The patch adds the required check to
rcu_dereference_protected() in ip_set_dereference().
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/netfilter/ipset/ip_set_core.c"
],
"versions": [
{
"version": "c0761d1f1ce1",
"lessThan": "3799d02ae420",
"status": "affected",
"versionType": "git"
},
{
"version": "93b53c202b51",
"lessThan": "72d961196886",
"status": "affected",
"versionType": "git"
},
{
"version": "0f1bb77c6d83",
"lessThan": "523bed6489e0",
"status": "affected",
"versionType": "git"
},
{
"version": "390b353d1a1d",
"lessThan": "788d585e62f4",
"status": "affected",
"versionType": "git"
},
{
"version": "2ba35b37f780",
"lessThan": "94dd411c18d7",
"status": "affected",
"versionType": "git"
},
{
"version": "90ae20d47de6",
"lessThan": "3fc09e1ca854",
"status": "affected",
"versionType": "git"
},
{
"version": "4e7aaa6b82d6",
"lessThan": "8ecd06277a76",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/netfilter/ipset/ip_set_core.c"
],
"versions": [
{
"version": "6.1.95",
"lessThan": "6.1.96",
"status": "affected",
"versionType": "custom"
},
{
"version": "6.6.35",
"lessThan": "6.6.36",
"status": "affected",
"versionType": "custom"
},
{
"version": "6.9.6",
"lessThan": "6.9.7",
"status": "affected",
"versionType": "custom"
}
]
}
]
git.kernel.org/stable/c/3799d02ae4208af08e81310770d8754863a246a1
git.kernel.org/stable/c/3fc09e1ca854bc234e007a56e0f7431f5e2defb5
git.kernel.org/stable/c/523bed6489e089dd8040e72453fb79da47b144c2
git.kernel.org/stable/c/72d9611968867cc4c5509e7708b1507d692b797a
git.kernel.org/stable/c/788d585e62f487bc4536d454937f737b70d39a33
git.kernel.org/stable/c/8ecd06277a7664f4ef018abae3abd3451d64e7a6
git.kernel.org/stable/c/94dd411c18d7fff9e411555d5c662d29416501e4