Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that do_replace() handlers use copy_from_sockptr() (which I fixed), followed by unsafe copy_from_sockptr_offset() calls. In all functions, we can perform the @optlen validation before even calling xt_alloc_table_info() with the following check: if ((u64)optlen < (u64)tmp.size + sizeof(tmp)) return -EINVAL;

INFO

Published Date :

2024-05-20T09:41:53.207Z

Last Modified :

2025-05-04T09:09:19.304Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-35962 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel Eus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-35962.

URL Resource
https://git.kernel.org/stable/c/562b7245131f6e9f1d280c8b5a8750f03edfc05c cve-icon cve-icon
https://git.kernel.org/stable/c/65acf6e0501ac8880a4f73980d01b5d27648b956 cve-icon cve-icon
https://git.kernel.org/stable/c/89242d9584c342cb83311b598d9e6b82572eadf8 cve-icon cve-icon
https://git.kernel.org/stable/c/97dab36e57c64106e1c8ebd66cbf0d2d1e52d6b7 cve-icon cve-icon
https://git.kernel.org/stable/c/c760089aa98289b4b88a7ff5a62dd92845adf223 cve-icon cve-icon
https://git.kernel.org/stable/c/cf4bc359b76144a3dd55d7c09464ef4c5f2b2b05 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024052020-CVE-2024-35962-e5ce@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-35962 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-35962 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact