跳转到帖子

Red Hat: CVE-2024-36978: kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (Multiple Advisories)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Red Hat: CVE-2024-36978: kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (Multiple Advisories)

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
06/19/2024
Created
07/26/2024
Added
07/25/2024
Modified
12/05/2024

Description

In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent code logic after kmalloc. So the old q->bands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-rt

References

  • CVE-2024-36978
  • RHSA-2024:4823
  • RHSA-2024:4831
  • RHSA-2024:5101
  • RHSA-2024:5102
  • RHSA-2024:6993
  • RHSA-2024:8162
View more
  • 引用
  • Mention
    • 查看数 731
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表