Описание
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
6.7 Medium
CVSS3
6 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.
Kernel: netfilter: xtables out-of-bounds read in u32_match_it()
A flaw was found in the Netfilter subsystem in the Linux kernel. The x ...
A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.
EPSS
6.7 Medium
CVSS3
6 Medium
CVSS3