22.03 LTS SP1版本是否收到CVE-2024-1086的安全漏洞影响?

22.03 LTS SP1版本是否收到CVE-2024-1086的安全漏洞影响?

看内核版本应该是受到影响了,不知道官方有没有解决方案

A use-after-free vulnerability in the Linux kernel s netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
有知道这个补丁在哪里下载吗?谢谢

可以在这里查找相关漏洞信息

2 Likes

nf_tables模块没有启用,也会有风险吗?默认也没有nftables服务。