3 matches found
CVE-2024-35976
In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...
CVE-2024-35976
In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDPUMEM|COMPLETIONFILLRING syzbot reported an illegal copy in xsksetsockopt 1 Make sure to validate setsockopt @optlen parameter. 1 BUG: KASAN: slab-out-of-bounds in copyfromsockptroffset...
CVE-2024-35976
CVE-2024-35976 : In the Linux kernel, a proposed input validation bug in XDP_SOCKET options (XDP_{UMEM|COMPLETION}_FILL_RING) allowed a read of 4 bytes via an invalid @optlen path in xsk_setsockopt, tracked by syzbot with KASAN slab-out-of-bounds. The issue arises during setsockopt handling and i...