Bug 1200522 (CVE-2022-2078)

Summary: VUL-0: CVE-2022-2078: kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse()
Product: [Novell Products] SUSE Security Incidents Reporter: Carlos López <carlos.lopez>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/334420/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Carlos López 2022-06-14 12:44:52 UTC 
rh#2096178

An attacker can trigger a buffer overflow of the Linux kernel, via nft_set_desc_concat_parse(), in order to trigger a denial of service, and possibly to run code.

Reference:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/nf_tables_api.c?id=fecf31ee395b0295f2d7260aa29946b7605f7c85

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2096178
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2078
Comment 1 Carlos López 2022-06-14 12:45:18 UTC 
Duplicate.

*** This bug has been marked as a duplicate of bug 1200019 ***