THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-27016

netfilter: flowtable: validate pppoe header

Reserved:2024-02-19
Published:2024-05-01
Updated:2024-05-13

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure there is sufficient room to access the protocol field of the PPPoe header. Validate it once before the flowtable lookup, then use a helper function to access protocol field.

Product status

Default status
unaffected

72efd585f714 before d06977b9a410
affected

72efd585f714 before 8bf7c76a2a20
affected

72efd585f714 before a2471d271042
affected

72efd585f714 before cf366ee3bc1b
affected

72efd585f714 before 87b3593bed18
affected

Default status
affected

5.13
affected

Any version before 5.13
unaffected

5.15.157
unaffected

6.1.88
unaffected

6.6.29
unaffected

6.8.8
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/d06977b9a4109f8738bb276125eb6a0b772bc433

https://git.kernel.org/stable/c/8bf7c76a2a207ca2b4cfda0a279192adf27678d7

https://git.kernel.org/stable/c/a2471d271042ea18e8a6babc132a8716bb2f08b9

https://git.kernel.org/stable/c/cf366ee3bc1b7d1c76a882640ba3b3f8f1039163

https://git.kernel.org/stable/c/87b3593bed1868b2d9fe096c01bcdf0ea86cbebf

cve.org CVE-2024-27016

nvd.nist.gov CVE-2024-27016

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-27016