This is CVE-2022-1972. ** Information type changed from Private Security to Public Security
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1972 ** Description changed: - placeholder - embargoed until June 2nd + [Impact] + An unprivileged user could write out-of-bounds by using nftables under a network namespace. + + [Test case] + Test the PoC available at https://seclists.org/oss-sec/2022/q2/164. + + [Potential regression] + nftables could be affected. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1976363 Title: upcoming update - nf oob Status in linux package in Ubuntu: Fix Released Bug description: [Impact] An unprivileged user could write out-of-bounds by using nftables under a network namespace. [Test case] Test the PoC available at https://seclists.org/oss-sec/2022/q2/164. [Potential regression] nftables could be affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1976363/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
