Re: [OSSA-2021-004] Neutron: Linuxbridge ARP filter bypass on Netfilter platforms (CVE-2021-38598)

[Jan Engelhardt <jengelh () inai de>]

On Tuesday 2021-08-17 17:17, Jeremy Stanley wrote:
> Description
> ~~~~~~~~~~~
> Jake Yip with ARDC and Justin Mammarella with the University of
> Melbourne reported a vulnerability in Neutron's linuxbridge driver
> on newer Netfilter-based platforms (the successor to IPTables).

ip_tables is running atop the netfilter API, so.... it's
not an ordered set with predecessors and successors.