The vulnerability of the fill_frame_info() function in the net/hsr/hsr_forward.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the fillframeinfo function in the net/hsr/hsrforward.c module of the Linux operating system is related to the use of uninitialized resources. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2024-56648

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...