Lucene search

GitHub Advisory DatabaseGHSA-QJVF-8748-9W7H

HistoryJul 04, 2024 - 12:37 a.m.

github.com/google/nftable IP addresses were encoded in the wrong byte order

2024-07-0400:37:45

CWE-20

GitHub Advisory Database

github.com

github

nftable

ip addresses

byte order

bug

fixed

software

CVSS4

6.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/SC:L/VI:L/SI:L/VA:L/SA:L

AI Score

6.8

Confidence

Low

JSON

In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses).

This issue affects: https://pkg.go.dev/github.com/google/[email protected]

The bug was fixed in the next released version: https://pkg.go.dev/github.com/google/[email protected]

Affected configurations

Vulners

Node

googlehttps\Match\/\/github.com\/google\/nftables

VendorProductVersionCPE
googlehttps\//github.com/google/nftablescpe:2.3:a:google:https\:\/\/github.com\/google\/nftables:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	https\	//github.com/google/nftables	cpe:2.3:a:google:https\:\/\/github.com\/google\/nftables::::::::

References

bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596

github.com/advisories/GHSA-qjvf-8748-9w7h

github.com/crowdsecurity/cs-firewall-bouncer/issues/368

github.com/google/nftables/commit/b1f901b05510bed05c232c5049f68d1511b56a19

github.com/google/nftables/issues/225

nvd.nist.gov/vuln/detail/CVE-2024-6284

CVSS4

6.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/SC:L/VI:L/SI:L/VA:L/SA:L

AI Score

6.8

Confidence

Low

JSON

Related for GHSA-QJVF-8748-9W7H