8 matches found
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010822)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010822 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handler...
kernel: netfilter: complete validation of user input
A denial of service vulnerability exists in the Linux kernel such that @optlen validation is not called before the function xtalloctableinfo, an attacker could craft a payload that results in a crash resulting in loss of availability...
kernel: netfilter: complete validation of user input
A denial of service vulnerability exists in the Linux kernel such that @optlen validation is not called before the function xtalloctableinfo, an attacker could craft a payload that results in a crash resulting in loss of availability...
kernel: netfilter: complete validation of user input
A denial of service vulnerability exists in the Linux kernel such that @optlen validation is not called before the function xtalloctableinfo, an attacker could craft a payload that results in a crash resulting in loss of availability...
DEBIAN-CVE-2024-35962
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handlers use copyfromsockptr which I fixed, followed by unsafe copyfromsockptroffset calls. In all functions, we can perform the @optlen...
CVE-2024-35962
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handlers use copyfromsockptr which I fixed, followed by unsafe copyfromsockptroffset calls. In all functions, we can perform the @optlen...
CVE-2024-35962
CVE-2024-35962 (Linux kernel netfilter nf_tables) involves incomplete validation of user input in netfilter: complete validation of user input. Root cause: do_replace() handlers use copy_from_sockptr() followed by unsafe copy_from_sockptr_offset() without validating optlen early enough; the patch...
CVE-2024-35962 netfilter: complete validation of user input
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handlers use copyfromsockptr which I fixed, followed by unsafe copyfromsockptroffset calls. In all functions, we can perform the @optlen...