4 matches found
CVE-2024-37356
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...
UBUNTU-CVE-2024-37356
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...
CVE-2024-37356 tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcpupdatealpha. In dctcpupdatealpha, we use a module parameter dctcpshiftg as follows: alpha -= minnotzeroalpha, alpha dctcpshiftg; ... deliveredce /sys/module/tcpdctcp/parameters/dctcpshiftg cat...
CVE-2024-37356
CVE-2024-37356 : In Linux kernel, the vulnerability is a shift-out-of-bounds in dctcp_update_alpha() triggered by setting dctcp_shift_g to large values (e.g., 100). The issue arises from alpha and delivered_ce computations using dctcp_shift_g, leading to an UBSAN shift-out-of-bounds and potential...