CVE-2024-26733

CVE-2024-26733 (Linux kernel) : A heap-based buffer overflow in arp_req_get() was fixed. The issue occurs when ioctl(SIOCGARP) copies neigh->ha into arpreq.arp_ha.sa_data (14-byte sockaddr) with a 14-byte copy, risking overflow into arp_flags and overwriting arp_netmask if dev->addr_len exc...