CVE-2024-35962
MEDIUMLinux Kernel 5.10.215-5.10.216, 5.15.154-5.15.156, 6.1.85-6.1.87, 6.6.26-6.6.28, 6.8.5-6.8.7 - Memory Corruption
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that do_replace() handlers use copy_from_sockptr() (which I fixed), followed by unsafe copy_from_sockptr_offset() calls. In all functions, we can perform the @optlen validation before even calling xt_alloc_table_info() with the following check: if ((u64)optlen < (u64)tmp.size + sizeof(tmp)) return -EINVAL;
References (9)
Core 9
Core References
Third Party Advisory, Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-265688.html
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-613116.html
Scores
CVSS v3
5.5
EPSS
0.0001
EPSS Percentile
0.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
Status
published
Products (20)
debian/debian_linux
10.0
linux/Kernel
5.10.215 - 5.10.216linux
linux/Kernel
5.15.154 - 5.15.156linux
linux/Kernel
6.1.85 - 6.1.87linux
linux/Kernel
6.6.26 - 6.6.28linux
linux/Kernel
6.8.5 - 6.8.7linux
Linux/Linux
0c83842df40f86e529db6842231154772c20edcc - 65acf6e0501ac8880a4f73980d01b5d27648b956
Linux/Linux
0f038242b77ddfc505bf4163d4904c1abd2e74d6 - cf4bc359b76144a3dd55d7c09464ef4c5f2b2b05
Linux/Linux
18aae2cb87e5faa9c5bd865260ceadac60d5a6c5 - c760089aa98289b4b88a7ff5a62dd92845adf223
Linux/Linux
440e948cf0eff32cfe322dcbca3f2525354b159b - 97dab36e57c64106e1c8ebd66cbf0d2d1e52d6b7
... and 10 more
Published
May 20, 2024
Tracked Since
Feb 18, 2026