mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
982 B
982 B
CVE-2024-53146
Description
In the Linux kernel, the following vulnerability has been resolved:NFSD: Prevent a potential integer overflowIf the tag length is >= U32_MAX - 3 then the "length + 4" additioncan result in an integer overflow. Address this by splitting thedecoding into several steps so that decode_cb_compound4res() doesnot have to perform arithmetic on the unsafe length value.
POC
Reference
No PoCs from references.