CVE-2024-0607

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

History

27 Sep 2024, 13:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html', 'source': 'secalert@redhat.com'}
  • {'url': 'https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html', 'source': 'secalert@redhat.com'}

27 Jun 2024, 12:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 22:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -

26 Jan 2024, 19:00

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2024-0607 - () https://access.redhat.com/security/cve/CVE-2024-0607 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2258635 - () https://bugzilla.redhat.com/show_bug.cgi?id=2258635 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63 - () https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63 - Patch
CWE NVD-CWE-Other
First Time Redhat enterprise Linux
Linux
Redhat
Linux linux Kernel
Fedoraproject
Fedoraproject fedora
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.6
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.7:rc1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

21 Jan 2024, 12:15

Type Values Removed Values Added
References
  • () https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63 -
Summary A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element, possibly leading to an out-of-bounds write. This flaw allows a local user to cause a denial of service or potentially escalate their privileges on the system. A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

18 Jan 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-18 16:15

Updated : 2024-09-27 13:15


NVD link : CVE-2024-0607

Mitre link : CVE-2024-0607

CVE.ORG link : CVE-2024-0607


JSON object : View

Products Affected

linux

  • linux_kernel

redhat

  • enterprise_linux

fedoraproject

  • fedora
CWE
NVD-CWE-Other CWE-229

Improper Handling of Values