Количество 8
Количество 8
BDU:2024-04145
Уязвимость компоненты netfilter ядра операционной системы Linux в функции nft_verdict_init(), позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
CVE-2024-26609
[REJECTED CVE] An issue was identified in the Linux kernel's netfilter subsystem related to nf_tables. The issue occurs when a positive value, such as NF_ACCEPT, is provided in the upper 16 bits of NF_DROP verdict parameters, which are expected to contain valid errno values (e.g., -EPERM). This improper input handling could lead to memory corruption, potentially allowing attackers to exploit the system.
CVE-2024-26609
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
GHSA-pmp7-xx3c-wr9q
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject QUEUE/DROP verdict parameters This reverts commit e0abdadcc6e1. core.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP verdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar, or 0. Due to the reverted commit, its possible to provide a positive value, e.g. NF_ACCEPT (1), which results in use-after-free. Its not clear to me why this commit was made. NF_QUEUE is not used by nftables; "queue" rules in nftables will result in use of "nft_queue" expression. If we later need to allow specifiying errno values from userspace (do not know why), this has to call NF_DROP_GETERR and check that "err <= 0" holds true.
ROS-20240821-02
Множественные уязвимости kernel-lt
RLSA-2024:3138
Moderate: kernel security, bug fix, and enhancement update
ELSA-2024-3138
ELSA-2024-3138: kernel security, bug fix, and enhancement update (MODERATE)
ELSA-2024-2394
ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-04145 Уязвимость компоненты netfilter ядра операционной системы Linux в функции nft_verdict_init(), позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 8.4 | больше 1 года назад | |
 | CVE-2024-26609 [REJECTED CVE] An issue was identified in the Linux kernel's netfilter subsystem related to nf_tables. The issue occurs when a positive value, such as NF_ACCEPT, is provided in the upper 16 bits of NF_DROP verdict parameters, which are expected to contain valid errno values (e.g., -EPERM). This improper input handling could lead to memory corruption, potentially allowing attackers to exploit the system. | CVSS3: 5.5 | больше 1 года назад | |
 | CVE-2024-26609 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | больше 1 года назад | ||
| GHSA-pmp7-xx3c-wr9q In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject QUEUE/DROP verdict parameters This reverts commit e0abdadcc6e1. core.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP verdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar, or 0. Due to the reverted commit, its possible to provide a positive value, e.g. NF_ACCEPT (1), which results in use-after-free. Its not clear to me why this commit was made. NF_QUEUE is not used by nftables; "queue" rules in nftables will result in use of "nft_queue" expression. If we later need to allow specifiying errno values from userspace (do not know why), this has to call NF_DROP_GETERR and check that "err <= 0" holds true. | больше 1 года назад | ||
 | ROS-20240821-02 Множественные уязвимости kernel-lt | CVSS3: 9.8 | 10 месяцев назад | |
 | RLSA-2024:3138 Moderate: kernel security, bug fix, and enhancement update | около 1 года назад | ||
| ELSA-2024-3138 ELSA-2024-3138: kernel security, bug fix, and enhancement update (MODERATE) | около 1 года назад | ||
| ELSA-2024-2394 ELSA-2024-2394: kernel security, bug fix, and enhancement update (IMPORTANT) | около 1 года назад |
Уязвимостей на страницу