Bug 1223733 (CVE-2024-27017) - VUL-0: CVE-2024-27017: kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump
Summary: VUL-0: CVE-2024-27017: kernel: netfilter: nft_set_pipapo: walk over current v...
Status: NEW
Alias: CVE-2024-27017
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Michal Kubeček
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/403782/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-27017:5.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-05-02 12:16 UTC by SMASH SMASH
Modified: 2024-05-03 14:48 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-05-02 12:16:11 UTC 
In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_pipapo: walk over current view on netlink dump

The generation mask can be updated while netlink dump is in progress.
The pipapo set backend walk iterator cannot rely on it to infer what
view of the datastructure is to be used. Add notation to specify if user
wants to read/update the set.

Based on patch from Florian Westphal.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-27017
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-27017.mbox
https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed
https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73
https://www.cve.org/CVERecord?id=CVE-2024-27017
https://bugzilla.redhat.com/show_bug.cgi?id=2278262