A stack-based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.

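A simplified user-space model of the zero-padding store described above, added here as an illustration and not taken from the kernel source. The names `store_unpatched`, `store_checked` and `guard_intact`, the four-register bank and the canary word are assumptions of the model; it shows why only lengths that are a multiple of 4 overrun the bank, and a length check that prevents it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NFT_REG32_SIZE 4          /* register size in bytes, per the advisory */
#define NREGS          4          /* constructed: size of the model register bank */
#define CANARY         0xDEADBEEFu

typedef void (*store_fn)(uint32_t *dest, const uint8_t *src, unsigned len);

/* Flawed pattern: the word at len / 4 is zeroed unconditionally. */
static void store_unpatched(uint32_t *dest, const uint8_t *src, unsigned len)
{
    dest[len / NFT_REG32_SIZE] = 0;   /* one register too far when len % 4 == 0 */
    memcpy(dest, src, len);
}

/* Hardened pattern: pad only when the last register is partly filled. */
static void store_checked(uint32_t *dest, const uint8_t *src, unsigned len)
{
    if (len % NFT_REG32_SIZE)
        dest[len / NFT_REG32_SIZE] = 0;
    memcpy(dest, src, len);
}

/* Returns 1 if the word after the register bank survives, 0 if it was
 * overwritten, -1 if the request does not fit the bank (assumed to be
 * rejected before evaluation, so only the padding store can overrun). */
static int guard_intact(store_fn store, unsigned dreg, unsigned len)
{
    uint32_t mem[NREGS + 1];              /* regs[0..3] plus one guard word */
    uint8_t src[NREGS * NFT_REG32_SIZE];

    if (dreg * NFT_REG32_SIZE + len > sizeof(src))
        return -1;
    memset(mem, 0xAA, sizeof(mem));
    memset(src, 0x41, sizeof(src));       /* constructed sample payload */
    mem[NREGS] = CANARY;
    store(mem + dreg, src, len);
    return mem[NREGS] == CANARY;
}

int main(void)
{
    printf("unpatched len=16: %d\n", guard_intact(store_unpatched, 0, 16));
    printf("checked   len=16: %d\n", guard_intact(store_checked, 0, 16));
    printf("unpatched len=6 : %d\n", guard_intact(store_unpatched, 2, 6));
    return 0;
}
```

With a length that is not a multiple of 4, the padding store lands inside the last register being written, which is why the overrun only appears at exact register boundaries.
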
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | <= 6.1.38-1 | linux_6.1.38-1_all.deb |
Debian | 11 | all | linux | <= 5.10.178-3 | linux_5.10.178-3_all.deb |
Debian | 10 | all | linux | <= 4.19.249-2 | linux_4.19.249-2_all.deb |
Debian | 999 | all | linux | <= 6.5.3-1 | linux_6.5.3-1_all.deb |