netfilter: nf_tables: stricter validation of element data
Make sure element data type and length do not mismatch the one specified
by the set declaration.
Fixes: 7d7402642eaf ("netfilter: nf_tables: variable sized set element keys / data")
Reported-by: Hugues ANGUELKOV <hanguelkov@randorisec.fr>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
CVE-2022-34918
(cherry picked from commit
7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6 net.git)
Signed-off-by: Cengiz Can <cengiz.can@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>