CVE-2024-44983

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup. ===================================================== BUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline] nf_ingress net/core/dev.c:5440 [inline]
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*

History

10 Sep 2024, 16:57

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/0279c35d242d037abeb73d60d06a6d1bb7f672d9 - () https://git.kernel.org/stable/c/0279c35d242d037abeb73d60d06a6d1bb7f672d9 - Patch
References () https://git.kernel.org/stable/c/043a18bb6cf16adaa2f8642acfde6e8956a9caaa - () https://git.kernel.org/stable/c/043a18bb6cf16adaa2f8642acfde6e8956a9caaa - Patch
References () https://git.kernel.org/stable/c/6ea14ccb60c8ab829349979b22b58a941ec4a3ee - () https://git.kernel.org/stable/c/6ea14ccb60c8ab829349979b22b58a941ec4a3ee - Patch
References () https://git.kernel.org/stable/c/c05155cc455785916164aa5e1b4605a2ae946537 - () https://git.kernel.org/stable/c/c05155cc455785916164aa5e1b4605a2ae946537 - Patch
References () https://git.kernel.org/stable/c/d9384ae7aec46036d248d1c2c2757e471ab486c3 - () https://git.kernel.org/stable/c/d9384ae7aec46036d248d1c2c2757e471ab486c3 - Patch
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.1
CWE CWE-908

05 Sep 2024, 12:53

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: flowtable: validar encabezado de VLAN Asegúrese de que haya suficiente espacio para acceder al campo de protocolo del encabezado de VLAN, valídelo una vez antes de la búsqueda de la tabla de flujo. ======================================================= ERROR: KMSAN: valor no inicializado en nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32 nf_hook_entry_hookfn include/linux/netfilter.h:154 [en línea] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_ingress include/linux/netfilter_netdev.h:34 [en línea] nf_ingress net/core/dev.c:5440 [en línea]

04 Sep 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-04 20:15

Updated : 2024-09-10 16:57


NVD link : CVE-2024-44983

Mitre link : CVE-2024-44983

CVE.ORG link : CVE-2024-44983


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-908

Use of Uninitialized Resource