Linux Kernel Netfilter nf_tables Chain Reference Counter Underflow Vulnerability

Vulnerability

A vulnerability in the Linux kernel's netfilter component, specifically in the nf_tables subsystem, has been addressed. The issue was an underflow of the chain reference counter, caused by the error handling path for set element additions. That path decremented the chain reference counter twice: once while releasing the element and again in the function that releases the element's data values. The flaw was introduced when an earlier fix removed the stateful object reference count decrement that this path requires, leaving the reference counts mismanaged. The latest correction reinstates that decrement so that the chain reference counter is managed correctly. This vulnerability affects the Linux kernel stable tree.
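
To make the double decrement concrete, the following is a constructed C model of the error path described above. It is added here and is not kernel code; the names chain, obj, elem, data_release and the use counters are assumptions that only mirror the description, and the buggy and fixed release functions stand in for the before and after of the correction.

```c
#include <stdio.h>

/* Constructed model of the bug pattern, not kernel code: a set element
 * holds one reference to the chain its verdict data points at and one to
 * a stateful object. On the add-element error path the element and its
 * data values are released. */
struct chain { unsigned int use; };
struct obj   { unsigned int use; };
struct elem  { struct chain *chain; struct obj *obj; };

static void elem_init(struct elem *e, struct chain *c, struct obj *o)
{
    e->chain = c; e->obj = o;
    c->use++;            /* verdict data references the chain */
    o->use++;            /* element references the stateful object */
}
/* Releasing the data values drops the chain reference exactly once. */
static void data_release(struct elem *e)
{
    if (e->chain) { e->chain->use--; e->chain = NULL; }
}
/* Buggy element release: drops the chain itself (second decrement) and
 * omits the stateful object, which therefore leaks a reference. */
static void elem_release_buggy(struct elem *e, struct chain *c)
{
    c->use--;
    data_release(e);
}
/* Fixed element release: the stateful object decrement is reinstated and
 * the chain is dropped only through data_release(). */
static void elem_release_fixed(struct elem *e)
{
    if (e->obj) { e->obj->use--; e->obj = NULL; }
    data_release(e);
}
/* Runs the error path once and returns the chain use count afterwards,
 * storing the object use count in *obj_use. The chain starts with one
 * base reference (e.g. a rule jumping to it), so a result other than 1
 * means the count is wrong: 0 would let the chain be freed while the
 * rule still uses it. */
unsigned int error_path_chain_use(int fixed, unsigned int *obj_use)
{
    struct chain c = { .use = 1 };
    struct obj o = { .use = 1 };
    struct elem e;
    elem_init(&e, &c, &o);
    if (fixed) elem_release_fixed(&e); else elem_release_buggy(&e, &c);
    *obj_use = o.use;
    return c.use;
}
```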

Impact

The vulnerability could lead to improper management of reference counters, potentially causing memory management issues such as use-after-free vulnerabilities.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree to address this vulnerability.

Added: Dec 24, 2025, 12:34 PM
Updated: Dec 24, 2025, 12:34 PM

Vulnerability Rating (custom algorithm)

spread          9.0
impact          2.5
exploitability  5.3
remediation     7.7
relevance       1.6
threat          3.2
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.