跳转到帖子

VMware Photon OS: CVE-2024-26763

recommended_posts

发布于
  • Members

VMware Photon OS: CVE-2024-26763

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
04/03/2024
Created
01/21/2025
Added
01/20/2025
Modified
01/20/2025

Description

In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1]. So, fix this problem by copying the data into the clone bio first and then encrypt them inside the clone bio. This may reduce performance, but it is needed to prevent the user from corrupting the device by writing data with O_DIRECT and modifying them at the same time. [1] https://lore.kernel.org/all/[email protected]/T/

Solution(s)

  • vmware-photon_os_update_tdnf

References

  • https://attackerkb.com/topics/cve-2024-26763
  • CVE - 2024-26763
  • 查看数 702
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…