Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_tproxy: restrict to prerouting hook
TPROXY is only allowed from prerouting, but nft_tproxy doesn’t check this. This fixes a crash (null dereference) when using tproxy from e.g. output.
Details
- Affected product:
- CentOS 8.4 ELS , CentOS 8.5 ELS
- Affected packages:
- kernel @ 4.18.0 (+1 more)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_tproxy: restrict to prerouting hook
TPROXY is only allowed from prerouting, but nft_tproxy doesn’t check this. This fixes a crash (null dereference) when using tproxy from e.g. output.