leviathan
6a0a7d8718
Pre-scaffolding for the next batch (CVE-2023-32233, CVE-2023-4622, CVE-2022-25636, CVE-2023-0179). Each module ships as a 21-line stub returning PRECOND_FAIL; parallel agents fill in the real detect/exploit/--full-chain implementations. This commit keeps registry.h / iamroot.c / Makefile in one place so the 4 parallel agents don't collide on shared-file edits — they each own a single iamroot_modules.c. Build clean on Debian 6.12.86; --list shows all 24 modules including the 4 new stubs.
24 lines
811 B
C
24 lines
811 B
C
/* nft_fwd_dup_cve_2022_25636 — STUB pending agent implementation. */
|
|
#include "iamroot_modules.h"
|
|
#include "../../core/registry.h"
|
|
|
|
static iamroot_result_t nft_fwd_dup_detect(const struct iamroot_ctx *ctx)
|
|
{
|
|
(void)ctx;
|
|
return IAMROOT_PRECOND_FAIL;
|
|
}
|
|
|
|
const struct iamroot_module nft_fwd_dup_module = {
|
|
.name = "nft_fwd_dup",
|
|
.cve = "CVE-2022-25636",
|
|
.summary = "nft_fwd_dup_netdev_offload heap OOB (Aaron Adams) — stub pending implementation",
|
|
.family = "nf_tables",
|
|
.kernel_range = "5.4 ≤ K < 5.18",
|
|
.detect = nft_fwd_dup_detect,
|
|
.exploit = NULL, .mitigate = NULL, .cleanup = NULL,
|
|
.detect_auditd = NULL, .detect_sigma = NULL,
|
|
.detect_yara = NULL, .detect_falco = NULL,
|
|
};
|
|
|
|
void iamroot_register_nft_fwd_dup(void) { iamroot_register(&nft_fwd_dup_module); }
|