CVE-2024-1086

netfilter: nf_tables: reject QUEUE/DROP verdict parameters

References

https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660
https://pwning.tech/nftables/
https://github.com/Notselwyn/CVE-2024-1086

Notes

 carnil> Commit fixes e0abdadcc6e1 ("netfilter: nf_tables: accept
 carnil> QUEUE/DROP verdict parameters") 3.15-rc1.
 carnil> Fixed for 6.7.y in 6.7.3, for 6.6.y in 6.6.15.

Bugs

Status

Branch	Status
4.19-buster-security	pending (4.19.309-1)
4.19-upstream-stable	released (4.19.307) [8365e9d92b85fda975a5ece7a3a139cb964018c8]
5.10-bullseye-security	released (5.10.209-2) [bugfix/all/netfilter-nf_tables-reject-QUEUE-DROP-verdict-parame.patch]
5.10-upstream-stable	released (5.10.210) [55a60251fa50d4e68175e36666b536a602ce4f6c]
6.1-bookworm-security	released (6.1.76-1)
6.1-upstream-stable	released (6.1.76) [8e34430e33b8a80bc014f3efe29cac76bc30a4b4]
6.6-upstream-stable	unknown
6.8-upstream-stable	unknown
sid	released (6.6.15-1)
upstream	released (6.8-rc2) [f342de4e2f33e0e39165d8639387aa6c19dff660]