ALAS2LIVEPATCH-2024-165 --- kernel-livepatch-4.14.336-253.554ID: oval:org.secpod.oval:def:1702148 | Date: (C)2024-02-28 (M)2024-04-29 |
Class: PATCH | Family: unix |
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 ; While creating a new netfilter table, lack of a safeguard against invalid nf_tables family values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access
Product: |
kernel-livepatch-4.14.336-253.554 |