Back

CVE-2024-42070

July 29, 2024, 4:21 p.m.

Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

Products

Linux kernel

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-07-29
CVE-2024-42070

CVE-2024-42070 details

Published : July 29, 2024, 4:15 p.m.
Last Modified : July 29, 2024, 4:21 p.m.

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564 416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007 416baaa9-dc9f-4396-8d5f-8c081fb06d67
This website uses the NVD API, but is not approved or certified by it.