Описание
A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the nft_exthdr_eval family of functions writes 4 NULL bytes past the end of the regs argument, leading to stack corruption and potential information disclosure or a denial of service.
A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the nft_exthdr_eval family of functions writes 4 NULL bytes past the end of the regs argument, leading to stack corruption and potential information disclosure or a denial of service.
Связанные уязвимости
A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.
Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.
Уязвимость подсистемы netfilter операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию
