ELSA-2014-3054 -- Oracle kernel-uek_ofa_mlnx_enID: oval:org.secpod.oval:def:1500657 | Date: (C)2014-11-07 (M)2024-04-17 |
Class: PATCH | Family: unix |
The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length before testing the supplied offset to be within the bounds of the message. This allows the subtraction of the nla header to underflow and therefore -- as the data type is unsigned -- allowing far to big offset and length values for the search of the netlink attribute.
Product: |
kernel-uek |
ofa |
mlnx_en |