Описание
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
EPSS
3.2 Low
CVSS3
4.4 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
A flaw was found in the XFRM subsystem in the Linux kernel. The specif ...
A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
Уязвимость функции xfrm_dump_sa() модуля net/xfrm/xfrm_user.c подсистемы XFRM ядра операционной системы Linux, позволяющая нарушителю получить доступ к защищаемой информации
EPSS
3.2 Low
CVSS3
4.4 Medium
CVSS3