6 matches found
CVE-2024-36927
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...
CVE-2024-36927
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...
CVE-2024-36927
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...
CVE-2024-36927 ipv4: Fix uninit-value access in __ip_make_skb()
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...
CVE-2024-36927 ipv4: Fix uninit-value access in __ip_make_skb()
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...
CVE-2024-36927
The CVE-2024-36927 issue is in the Linux kernel IPv4 path: uninit-value access in __ip_make_skb() due to a race with HDRINCL. The fix checks FLOWI_FLAG_KNOWN_NH on fl4->flowi4_flags instead of socket HDRINCL, and explicitly initializes fl4_icmp_type and fl4_icmp_code in raw_sendmsg() (the fiel...