4 matches found
UBUNTU-CVE-2024-56372
In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tunnapiallocfrags syzbot reported the following crash 1 Issue came with the blamed commit. Instead of going through all the iov components, we keep using the first one and end up with a malformed skb. 1 kernel BUG a...
CVE-2024-56372 net: tun: fix tun_napi_alloc_frags()
In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tunnapiallocfrags syzbot reported the following crash 1 Issue came with the blamed commit. Instead of going through all the iov components, we keep using the first one and end up with a malformed skb. 1 kernel BUG a...
kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...
The vulnerability of the tun_napi_alloc_frags() function in the drivers/net/tun.c module of the Linux TUN/TAP driver allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information, or to enhance their privileges.
The vulnerability of the tunnapiallocfrags function in the drivers/net/tun.c module of the Linux TUN/TAP driver is related to the lack of control over the boundaries of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...