← Back

CVE-2024-0607

nvd nist
Published: Jan 18, 2024Modified: Nov 21, 2024

JSON object

Loading...
6.6
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Exploitability: 1.8 / Impact: 4.7
Source: NVD

Description

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

Affected (5)

Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Redhat
1 product
Enterprise Linux
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 6.7
Linux Kernel
Version 6.7 rc1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 39
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Enterprise Linux
Version 8.0
Enterprise Linux
Version 9.0

Related CWEs

CWE-229
Improper Handling of Values
The product does not properly handle when the expected number of values for parameters, fields, or arguments is not provided in input, or if those values are undefined.

References (8)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Issue TrackingPatchThird Party Advisory
Source: secalert@redhat.com
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.