mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-07 05:28:59 +00:00
32 lines
1.6 KiB
JSON
32 lines
1.6 KiB
JSON
{
|
|
"id": "CVE-2024-36903",
|
|
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"published": "2024-05-30T16:15:13.867",
|
|
"lastModified": "2024-05-30T18:18:58.870",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix potential uninit-value access in __ip6_make_skb()\n\nAs it was done in commit fc1092f51567 (\"ipv4: Fix uninit-value access in\n__ip_make_skb()\") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flags\ninstead of testing HDRINCL on the socket to avoid a race condition which\ncauses uninit-value access."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ipv6: corrige el posible acceso a valores uninit en __ip6_make_skb() Como se hizo en el commit fc1092f51567 (\"ipv4: corrige el acceso a valores uninit en __ip_make_skb()\") para IPv4, verifique FLOWI_FLAG_KNOWN_NH en fl6->flowi6_flags en lugar de probar HDRINCL en el socket para evitar una condici\u00f3n de ejecuci\u00f3n que provoque acceso a valores uninit."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/2367bf254f3a27ecc6e229afd7a8b0a1395f7be3",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/4e13d3a9c25b7080f8a619f961e943fe08c2672c",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/68c8ba16ab712eb709c6bab80ff151079d11d97a",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
|
|
}
|
|
]
|
|
} |