Bug 1223733 (CVE-2024-27017)

Summary: VUL-0: CVE-2024-27017: kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Michal Kubeček <mkubecek>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: carlos.lopez, vasant.karasulli
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/403782/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-27017:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-02 12:16:11 UTC 
In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_pipapo: walk over current view on netlink dump

The generation mask can be updated while netlink dump is in progress.
The pipapo set backend walk iterator cannot rely on it to infer what
view of the datastructure is to be used. Add notation to specify if user
wants to read/update the set.

Based on patch from Florian Westphal.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-27017
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-27017.mbox
https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed
https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73
https://www.cve.org/CVERecord?id=CVE-2024-27017
https://bugzilla.redhat.com/show_bug.cgi?id=2278262