1. Home
  2. Vulnerabilities
  3. CVE-2024-0607

CVE-2024-0607

CVSS v3.1 6.6 (Medium)
66% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 3
Advisories 30
NVD Status Modified
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

Weaknesses
CWE-229
Improper Handling of Values
CWE-NVD-Other
CVE Status
PUBLISHED
NVD Status
Modified
CNA
Red Hat, Inc.
Published Date
2024-01-18 16:15:08
(8 months ago)
Updated Date
2024-06-27 12:15:17
(2 months ago)

Affected Products

Fedoraproject

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Linux Kernel prior 6.7 version cpe:2.3:o:linux:linux_kernel < 6.7
  Linux Kernel 6.7 Rc1 cpe:2.3:o:linux:linux_kernel:6.7:rc1

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 39 cpe:2.3:o:fedoraproject:fedora:39

Configuration #3

    CPE23 From Up To
  Redhat Enterprise Linux 8.0 cpe:2.3:o:redhat:enterprise_linux:8.0
  Redhat Enterprise Linux 9.0 cpe:2.3:o:redhat:enterprise_linux:9.0