Описание
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
EPSS
6.1 Medium
CVSS3
6 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
Kernel: netfilter: xtables sctp out-of-bounds read in match_flags()
A flaw was found in the Netfilter subsystem in the Linux kernel. The s ...
A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.
EPSS
6.1 Medium
CVSS3
6 Medium
CVSS3