CVSS4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/SC:L/VI:L/SI:L/VA:L/SA:L
AI Score
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
In https://github.com/google/nftables Β IP addresses were encoded in the wrong byte order,Β resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses).
This issue affects:Β https://pkg.go.dev/github.com/google/[email protected]
The bug was fixed in the next released version:Β https://pkg.go.dev/github.com/google/[email protected]
[
{
"repo": "https://github.com/google/nftables",
"vendor": "Google",
"product": "https://github.com/google/nftables",
"versions": [
{
"status": "affected",
"version": "0.1.0"
},
{
"status": "unaffected",
"version": "0.2.0"
}
],
"defaultStatus": "unaffected"
}
]
[
{
"cpes": [
"cpe:2.3:a:netfilter:nftables:*:*:*:*:*:*:*:*"
],
"vendor": "netfilter",
"product": "nftables",
"versions": [
{
"status": "affected",
"version": "0.1.0",
"lessThan": "0.2.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
]