GHSA-2fjw-whxm-9v4q

Опубликовано: 25 нояб. 2025

Источник: github

Github: Прошло ревью

CVSS4: 9.3

Описание

libnftnl has Heap-based Buffer Overflow in nftnl::Batch::with_page_size (nftnl-rs)

A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::with_page_size constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch initialization.

The flaw was fixed in commit 94a286f by adding an overflow check:

batch_page_size .checked_add(crate::nft_nlmsg_maxsize()) .expect("batch_page_size is too large and would overflow");

Ссылки

https://github.com/mullvad/nftnl-rs/issues/76#issue-3528876468
https://github.com/mullvad/nftnl-rs/commit/94a286f87e88f431913d19668246de9006790125
https://rustsec.org/advisories/RUSTSEC-2025-0126.html

Пакеты

Наименование

nftnl

rust

Затронутые версииВерсия исправления

<= 0.8.0

0.9.0

9.3 Critical

CVSS4

Дефекты

CWE-122

9.3 Critical

CVSS4

Дефекты

CWE-122