CVE-2024-0607
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Summary
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
0 < 6.7-rc2 | affected |
Weaknesses
- CWE-229: Improper Handling of Values
Workarounds
To mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel netfilter module.
For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/security/cve/CVE-2024-0607
- https://bugzilla.redhat.com/show_bug.cgi?id=2258635
- https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://access.redhat.com/security/cve/CVE-2024-0607
- https://bugzilla.redhat.com/show_bug.cgi?id=2258635
- https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.