A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.

Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.

A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.

Уязвимость подсистемы netfilter операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

Security update for the Linux Kernel

ELSA-2024-12612: Unbreakable Enterprise kernel-container security update (IMPORTANT)

ELSA-2024-12610: Unbreakable Enterprise kernel security update (IMPORTANT)

Security update for the Linux Kernel