Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAP9KPhDskZ1W_wnJ_Z8sNY9nqwLGyL0k3pjYwrhJ_TQnXcC-HA@mail.gmail.com>
Date: Tue, 30 Aug 2022 12:27:44 +1000
From: David Leadbeater <dgl@....cx>
To: oss-security@...ts.openwall.com
Subject: CVE-2022-2663: Linux netfilter: nf_conntrack_irc message handling

Description:

I've found an issue in nf_conntrack_irc where the message handling can
be confused and it incorrectly matches on the message.

Impact:

A firewall may be able to be bypassed when users are using unencrypted
IRC with nf_conntrack_irc configured.

Mitigations:

Linux: Disable nf_conntrack_irc (remove any --helper irc rules, and/or
unload the kernel module)
MikroTik: Remove IRC from the service ports list (/ip
firewall/service-port/disable irc)

Fix is posted here:
https://lore.kernel.org/netfilter-devel/20220826045658.100360-1-dgl@dgl.cx/T/
It will be making its way into upstream Linux soon.

I'll update in a couple of days with complete details.

David

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.