Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-0607

Опубликовано: 18 янв. 2024
Источник: nvd
CVSS3: 6.6
EPSS Низкий

Описание

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 6.7 (исключая)
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%
0.00015
Низкий

6.6 Medium

CVSS3

Дефекты

CWE-229
NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2024-0607

CVSS3: 6.6
ubuntu
больше 1 года назад

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

redhat логотип

CVE-2024-0607

CVSS3: 6.6
redhat
больше 1 года назад

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

msrc логотип

CVE-2024-0607

CVSS3: 6.6
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2024-0607

CVSS3: 6.6
debian
больше 1 года назад

A flaw was found in the Netfilter subsystem in the Linux kernel. The i ...

github логотип

GHSA-6xx6-9hj3-4rv2

CVSS3: 7.8
github
больше 1 года назад

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element, possibly leading to an out-of-bounds write. This flaw allows a local user to cause a denial of service or potentially escalate their privileges on the system.

EPSS

Процентиль: 2%
0.00015
Низкий

6.6 Medium

CVSS3

Дефекты

CWE-229
NVD-CWE-Other