Lucene search
Redhat.comRH:CVE-2024-35962HistoryMay 20, 2024 - 5:10 p.m.
CVE-2024-35962
2024-05-2017:10:08
redhat.com
access.redhat.com
4
linux kernel
netfilter
vulnerability
input validation
copy_from_sockptr_offset
mitigation
unsafe call
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that do_replace() handlers use copy_from_sockptr() (which I fixed), followed by unsafe copy_from_sockptr_offset() calls. In all functions, we can perform the @optlen validation before even calling xt_alloc_table_info() with the following check: if ((u64)optlen < (u64)tmp.size + sizeof(tmp)) return -EINVAL;
Related
debiancve
debiancve
CVE-2024-35962
2024-05-20 10:15:11
cvelist
cvelist
CVE-2024-35962 netfilter: complete validation of user input
2024-05-20 09:41:53
nvd
nvd
CVE-2024-35962
2024-05-20 10:15:11
cve
cve
CVE-2024-35962
2024-05-20 10:15:11
ubuntucve
ubuntucve
CVE-2024-35962
2024-05-20 00:00:00
osv
osv
linux-5.10 - security update
2024-06-25 00:00:00