Описание
In the Linux kernel, the following vulnerability has been resolved:
ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
if (!type) continue; if (type > RTAX_MAX) return -EINVAL; ... metrics[type - 1] = val;
@type being used as an array index, we need to prevent cpu speculation or risk leaking kernel memory content.
Ссылки
- Patch
- Patch
- Patch
- Patch
- Patch
- Patch
Уязвимые конфигурации
Одно из
EPSS
5.5 Medium
CVSS3
Дефекты
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() if (!type) continue; if (type > RTAX_MAX) return -EINVAL; ... metrics[type - 1] = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking kernel memory content.
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() if (!type) continue; if (type > RTAX_MAX) return -EINVAL; ... metrics[type - 1] = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking kernel memory content.
In the Linux kernel, the following vulnerability has been resolved: i ...
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() if (!type) continue; if (type > RTAX_MAX) return -EINVAL; ... metrics[type - 1] = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking kernel memory content.
Уязвимость функции ip_metrics_convert() компонента ipv4 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.5 Medium
CVSS3