Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-44983
HistorySep 04, 2024 - 7:54 p.m.

CVE-2024-44983 netfilter: flowtable: validate vlan header

2024-09-0419:54:32
Linux
www.cve.org
3
linux kernel
netfilter flowtable
vlan header validation
protocol field
vulnerability fix
security advisory

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

netfilter: flowtable: validate vlan header

Ensure there is sufficient room to access the protocol field of the
VLAN header, validate it once before the flowtable lookup.

=====================================================
BUG: KMSAN: uninit-value in nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32
nf_flow_offload_inet_hook+0x45a/0x5f0 net/netfilter/nf_flow_table_inet.c:32
nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626
nf_hook_ingress include/linux/netfilter_netdev.h:34 [inline]
nf_ingress net/core/dev.c:5440 [inline]

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/netfilter/nf_flow_table_inet.c",
      "net/netfilter/nf_flow_table_ip.c"
    ],
    "versions": [
      {
        "version": "4cd91f7c290f",
        "lessThan": "c05155cc4557",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4cd91f7c290f",
        "lessThan": "d9384ae7aec4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4cd91f7c290f",
        "lessThan": "0279c35d242d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4cd91f7c290f",
        "lessThan": "043a18bb6cf1",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "4cd91f7c290f",
        "lessThan": "6ea14ccb60c8",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/netfilter/nf_flow_table_inet.c",
      "net/netfilter/nf_flow_table_ip.c"
    ],
    "versions": [
      {
        "version": "5.13",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.13",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.166",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.107",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6.48",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.7",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

redhatcve 1
ubuntucve 1
osv 1
nvd 1
cve 1
debiancve 1
redhatcve
redhatcve
CVE-2024-44983
2024-09-04 22:15:12
ubuntucve
ubuntucve
CVE-2024-44983
2024-09-05 00:00:00
osv
osv
CVE-2024-44983
2024-09-04 20:15:07
nvd
nvd
CVE-2024-44983
2024-09-04 20:15:07
cve
cve
CVE-2024-44983
2024-09-04 20:15:07
debiancve
debiancve
CVE-2024-44983
2024-09-04 20:15:07

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2024-44983
redhatcve1ubuntucve1osv1nvd1cve1debiancve1