发布于3月6日3月6日 Members VMware Photon OS: CVE-2024-50251 Severity 5 CVSS (AV:L/AC:L/Au:N/C:N/I:N/A:C) Published 11/09/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-50251 CVE - 2024-50251
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。