Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2022-36946 - log back

CVE-2022-36946 created at 28 Feb 2023 19:18:25

Severity

+

Unknown

Remote

+

Remote

Type

+	Denial of service

Description

+	nfqnl_mangle in net/netfilter/nfnetlink_queue.c allows remote attackers to cause a denial of service in the case of a nf_queue verdict with a one-byte nfta_payload attribute skb_pull can encounter a negative skb->len

References

+	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164
+	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7af4cc3fa158ff1dda6e7451c7e6afa6b0bb85cb
+	https://marc.info/?l=netfilter-devel&m=165883202007292&w=2
+	https://kernel.dance/#CVE-2022-36946

Notes