发布于3月6日3月6日 Members Red Hat: CVE-2024-35962: kernel: netfilter: complete validation of user input (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/20/2024 Created 09/14/2024 Added 09/13/2024 Modified 12/05/2024 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that do_replace() handlers use copy_from_sockptr() (which I fixed), followed by unsafe copy_from_sockptr_offset() calls. In all functions, we can perform the @optlen validation before even calling xt_alloc_table_info() with the following check: if ((u64)optlen < (u64)tmp.size + sizeof(tmp)) return -EINVAL; Solution(s) redhat-upgrade-kernel redhat-upgrade-kernel-rt References CVE-2024-35962 RHSA-2024:5066 RHSA-2024:5067 RHSA-2024:5928
