4 matches found
kernel: netfilter: validate user input for expected length
CVE-2024-35896 is a vulnerability in the Linux kernel's Netfilter component, where the setsockopt function fails to properly validate the length of user-supplied data before copying it into kernel space. This oversight can lead to out-of-bounds memory access, potentially causing system crashes or...
kernel: netfilter: validate user input for expected length
CVE-2024-35896 is a vulnerability in the Linux kernel's Netfilter component, where the setsockopt function fails to properly validate the length of user-supplied data before copying it into kernel space. This oversight can lead to out-of-bounds memory access, potentially causing system crashes or...
UBUNTU-CVE-2024-35967
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported scosocksetsockopt is copying data without checking user input length. BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset include/linux/sockptr.h:49...
UBUNTU-CVE-2024-35976
In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...