---

CVE-2022-1016 - log back

CVE-2022-1016 created at 03 May 2022 23:22:49
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description	+ CVE-2022-1016 pertains to uninitialized stack data in the nft_do_chain routine. CVE-2022-1016 is exploitable starting from commit 96518518cc41 (original merge of nf_tables), v3.13-rc1, and has been fixed in commit 4c905f6740a3 ("netfilter: nf_tables: initialize registers in nft_do_chain()").
References	+ https://www.openwall.com/lists/oss-security/2022/03/28/5 + https://git.kernel.org/linus/4c905f6740a365464e91467aa50916555b28213d
Notes	+ TODO