The upstream stable rc git tree (http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/log/?h=linux-4.6.y) currently has the following netfilter commits that address a local privilege escalation (with unprivileged user namespaces enabled). These are the commit references in Linus' tree:
f24e230d257af1ad7476c6e81a8dc3127a74204e netfilter: x_tables: don't move to non-existent next rule
36472341017529e2b12573093cc0f68719300997 netfilter: x_tables: validate targets of jumps
7d35812c3214afa5b37a675113555259cfd67b98 netfilter: x_tables: add and use xt_check_entry_offsets
aa412ba225dd3bc36d404c28cdc3d674850d80d0 netfilter: x_tables: kill check_entry helper
a08e4e190b866579896c09af59b3bdca821da2cd netfilter: x_tables: assert minimum target size
fc1221b3a163d1386d1052184202d5dc50d302d1 netfilter: x_tables: add compat version of xt_check_entry_offsets
7ed2abddd20cf8f6bd27f65bd218f26fa5bf7f44 netfilter: x_tables: check standard target size too
ce683e5f9d045e5d67d1312a42b359cb2ab2a13c netfilter: x_tables: check for bogus target offset
13631bfc604161a9d69cd68991dff8603edd66f9 netfilter: x_tables: validate all offsets and sizes in a rule
7b7eba0f3515fca3296b8881d583f7c1042f5226 netfilter: x_tables: don't reject valid target size on some architectures
CRD: Public