mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
142 lines
6.6 KiB
JSON
142 lines
6.6 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-35962",
|
|
"ASSIGNER": "cve@kernel.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen < (u64)tmp.size + sizeof(tmp))\n return -EINVAL;"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Linux",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "0f038242b77d",
|
|
"version_value": "cf4bc359b761"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "440e948cf0ef",
|
|
"version_value": "97dab36e57c6"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "18aae2cb87e5",
|
|
"version_value": "c760089aa982"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "81d51b9b7c95",
|
|
"version_value": "89242d9584c3"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "58f2bfb789e6",
|
|
"version_value": "562b7245131f"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "0c83842df40f",
|
|
"version_value": "65acf6e0501a"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "5.10.215",
|
|
"version_value": "5.10.216"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "5.15.154",
|
|
"version_value": "5.15.156"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "6.1.85",
|
|
"version_value": "6.1.87"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "6.6.26",
|
|
"version_value": "6.6.28"
|
|
},
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "6.8.5",
|
|
"version_value": "6.8.7"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/cf4bc359b76144a3dd55d7c09464ef4c5f2b2b05",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/cf4bc359b76144a3dd55d7c09464ef4c5f2b2b05"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/97dab36e57c64106e1c8ebd66cbf0d2d1e52d6b7",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/97dab36e57c64106e1c8ebd66cbf0d2d1e52d6b7"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/c760089aa98289b4b88a7ff5a62dd92845adf223",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/c760089aa98289b4b88a7ff5a62dd92845adf223"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/89242d9584c342cb83311b598d9e6b82572eadf8",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/89242d9584c342cb83311b598d9e6b82572eadf8"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/562b7245131f6e9f1d280c8b5a8750f03edfc05c",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/562b7245131f6e9f1d280c8b5a8750f03edfc05c"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/65acf6e0501ac8880a4f73980d01b5d27648b956",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/65acf6e0501ac8880a4f73980d01b5d27648b956"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "bippy-9e1c9544281a"
|
|
}
|
|
} |