4 matches found
CVE-2024-27018
In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a workaroun...
CVE-2024-27018 netfilter: br_netfilter: skip conntrack input hook for promisc packets
In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a workaroun...
CVE-2024-27018 netfilter: br_netfilter: skip conntrack input hook for promisc packets
In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: skip conntrack input hook for promisc packets For historical reasons, when bridge device is in promisc mode, packets that are directed to the taps follow bridge input hook path. This patch adds a workaroun...
CVE-2024-27018
CVE-2024-27018 affects the Linux kernel br_netfilter component. The issue arises when a bridge device is in promiscuous mode, causing certain bridge-tapped packets to bypass conntrack input handling; a patch resets the conntrack state for these packets. The crash/reply trace and warnings (br_nf_l...