nvd-json-data-feeds/CVE-2024/CVE-2024-421xx/CVE-2024-42154.json

{
  "id": "CVE-2024-42154",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-07-30T08:15:06.933",
  "lastModified": "2024-07-30T13:32:45.943",
  "vulnStatus": "Undergoing Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_metrics: validate source addr length\n\nI don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4\nis at least 4 bytes long, and the policy doesn't have an entry\nfor this attribute at all (neither does it for IPv6 but v6 is\nmanually validated)."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp_metrics: validar la longitud de la direcci\u00f3n de origen. No veo nada comprobando que TCP_METRICS_ATTR_SADDR_IPV4 tenga al menos 4 bytes de longitud y la pol\u00edtica no tiene ninguna entrada para este atributo (tampoco lo hace para IPv6 pero v6 se valida manualmente)."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/19d997b59fa1fd7a02e770ee0881c0652b9c32c9",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/2a2e79dbe2236a1289412d2044994f7ab419b44c",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/31f03bb04146c1c6df6c03e9f45401f5f5a985d3",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/3d550dd5418729a6e77fe7721d27adea7152e321",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/66be40e622e177316ae81717aa30057ba9e61dff",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/8c2debdd170e395934ac0e039748576dfde14e99",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/cdffc358717e436bb67122bb82c1a2a26e050f98",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/ef7c428b425beeb52b894e16f1c4b629d6cebfb6",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}
Auto-Update: 2024-07-30T10:00:26.528684+00:00 2024-07-30 10:03:21 +00:00			`{`
			`"id": "CVE-2024-42154",`
			`"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",`
			`"published": "2024-07-30T08:15:06.933",`
Auto-Update: 2024-07-30T14:00:19.118167+00:00 2024-07-30 14:03:15 +00:00			`"lastModified": "2024-07-30T13:32:45.943",`
Auto-Update: 2024-08-04T02:00:16.891362+00:00 2024-08-04 02:03:13 +00:00			`"vulnStatus": "Undergoing Analysis",`
Auto-Update: 2024-07-30T10:00:26.528684+00:00 2024-07-30 10:03:21 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_metrics: validate source addr length\n\nI don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4\nis at least 4 bytes long, and the policy doesn't have an entry\nfor this attribute at all (neither does it for IPv6 but v6 is\nmanually validated)."`
Auto-Update: 2024-07-30T14:00:19.118167+00:00 2024-07-30 14:03:15 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tcp_metrics: validar la longitud de la direcci\u00f3n de origen. No veo nada comprobando que TCP_METRICS_ATTR_SADDR_IPV4 tenga al menos 4 bytes de longitud y la pol\u00edtica no tiene ninguna entrada para este atributo (tampoco lo hace para IPv6 pero v6 se valida manualmente)."`
Auto-Update: 2024-07-30T10:00:26.528684+00:00 2024-07-30 10:03:21 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://git.kernel.org/stable/c/19d997b59fa1fd7a02e770ee0881c0652b9c32c9",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/2a2e79dbe2236a1289412d2044994f7ab419b44c",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/31f03bb04146c1c6df6c03e9f45401f5f5a985d3",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/3d550dd5418729a6e77fe7721d27adea7152e321",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/66be40e622e177316ae81717aa30057ba9e61dff",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/8c2debdd170e395934ac0e039748576dfde14e99",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/cdffc358717e436bb67122bb82c1a2a26e050f98",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/ef7c428b425beeb52b894e16f1c4b629d6cebfb6",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`}`
			`]`
			`}`