 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2024-26849 |
| Description: | In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit- value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG: KMSAN: uninit-value in validate_nla lib/nlattr.c:575 [inline] BUG: KMSAN: uninit-value in __nla_validate_parse+0x2e20/0x45c0 lib/nlattr.c:631 nla_validate_range_unsigned lib/nlattr.c:222 [inline] nla_validate_int_range lib/nlattr.c:336 [inline] validate_nla lib/nlattr.c:575 [inline] ... The message in question matches this policy: [NFTA_TARGET_REV] = NLA_POLICY_MAX(NLA_BE32, 255), but because NLA_BE32 size in minlen array is 0, the validation code will read past the malformed (too small) attribute. Note: Other attributes, e.g. BITFIELD32, SINT, UINT.. are also missing: those likely should be added too. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2024-26849 https://git.kernel.org/stable/c/0ac219c4c3ab253f3981f346903458d20bacab32 https://git.kernel.org/stable/c/0ac219c4c3ab253f3981f346903458d20bacab32 https://git.kernel.org/stable/c/7a9d14c63b35f89563c5ecbadf918ad64979712d https://git.kernel.org/stable/c/7a9d14c63b35f89563c5ecbadf918ad64979712d https://git.kernel.org/stable/c/9a0d18853c280f6a0ee99f91619f2442a17a323a https://git.kernel.org/stable/c/9a0d18853c280f6a0ee99f91619f2442a17a323a https://git.kernel.org/stable/c/a2ab028151841cd833cb53eb99427e0cc990112d https://git.kernel.org/stable/c/a2ab028151841cd833cb53eb99427e0cc990112d |