** Description changed: A patch in kernel for CVE-2024-50038 was released and included in linux- aws: https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/ However this patch had a bug which was subsequently fixed shortly after the release of the original patch: - https://patchwork.ozlabs.org/project/netfilter- - devel/patch/[email protected]/ + https://lore.kernel.org/all/20241019-xtables- + [email protected]/ This subsequent bugfix patch has not been included in linux-aws, and is causing issues with tools using xtables such as `podman` and `kind`, see: - https://github.com/kubernetes-sigs/kind/issues/3765 - https://github.com/containers/podman/issues/24374 We have experienced this issue with podman on: Linux 6.8.0-1025-aws #27-Ubuntu SMP Wed Feb 19 19:10:47 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux To workaround it, we downgraded to: Linux 6.8.0-1024-aws #26-Ubuntu SMP Tue Feb 18 17:22:37 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux By including the [email protected] patch this should be resolved.
** Description changed: A patch in kernel for CVE-2024-50038 was released and included in linux- aws: https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/ However this patch had a bug which was subsequently fixed shortly after the release of the original patch: - https://lore.kernel.org/all/20241019-xtables- + https://patchwork.kernel.org/project/netdevbpf/patch/20241019-xtables- [email protected]/ This subsequent bugfix patch has not been included in linux-aws, and is causing issues with tools using xtables such as `podman` and `kind`, see: - https://github.com/kubernetes-sigs/kind/issues/3765 - https://github.com/containers/podman/issues/24374 We have experienced this issue with podman on: Linux 6.8.0-1025-aws #27-Ubuntu SMP Wed Feb 19 19:10:47 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux To workaround it, we downgraded to: Linux 6.8.0-1024-aws #26-Ubuntu SMP Tue Feb 18 17:22:37 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux By including the [email protected] patch this should be resolved. ** Description changed: A patch in kernel for CVE-2024-50038 was released and included in linux- aws: https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/ - However this patch had a bug which was subsequently fixed shortly after - the release of the original patch: + However this patch had a bug (ip6tables rules with --set-mark did not + work anymore) which was subsequently fixed shortly after the release of + the original patch: https://patchwork.kernel.org/project/netdevbpf/patch/20241019-xtables- [email protected]/ This subsequent bugfix patch has not been included in linux-aws, and is causing issues with tools using xtables such as `podman` and `kind`, see: - https://github.com/kubernetes-sigs/kind/issues/3765 - https://github.com/containers/podman/issues/24374 We have experienced this issue with podman on: Linux 6.8.0-1025-aws #27-Ubuntu SMP Wed Feb 19 19:10:47 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux To workaround it, we downgraded to: Linux 6.8.0-1024-aws #26-Ubuntu SMP Tue Feb 18 17:22:37 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux By including the [email protected] patch this should be resolved. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2104588 Title: include patch for netfilter xtables typo causing failure of IPv6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/2104588/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
