CVE-2024-27018

netfilter: br_netfilter: skip conntrack input hook for promisc packets

References

https://cve.org/CVERecord/?id=CVE-2024-27018

Notes

 carnil> Introduced in 62e7151ae3eb ("netfilter: bridge: confirm multicast packets
 carnil> before passing them up the stack"). Vulnerable versions: 5.15.151 6.1.81 6.6.21
 carnil> 6.7.9 6.8-rc7.

Bugs

Status

Branch	Status
4.19-buster-security	N/A "Vulnerable code not present"
4.19-upstream-stable	N/A "Vulnerable code not present"
5.10-bullseye-security	N/A "Vulnerable code not present"
5.10-upstream-stable	N/A "Vulnerable code not present"
6.1-bookworm-security	released (6.1.90-1)
6.1-upstream-stable	released (6.1.88) [b13db0d16bc7b2a52abcf5cb71334f63faa5dbd6]
6.6-upstream-stable	released (6.6.29) [3f59ac29dea0921637053908fe99268d157bbb9d]
6.8-upstream-stable	released (6.8.8) [43193174510ea4f3ce09b796e559a2fd9f148615]
sid	needed
upstream	released (6.9-rc5) [751de2012eafa4d46d8081056761fa0e9cc8a178]