CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

UVI-2021-1001439 net: validate lwtstate->data before returning from skb_tunnel_info()

net: validate lwtstate-data before returning from skbtunnelinfo This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.277 by commit...