In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through
2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be
worthwhile because an empty ipset name must be configured by the user.
Author | Note |
---|---|
Priority reason: An invalid and unlikely configuration must be set for this | |
mdeslaur | An empty ipset name needs to be configured by the user, which is an invalid configuration and unlikely. Setting priority to low. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | keepalived | < any | UNKNOWN |
ubuntu | 20.04 | noarch | keepalived | < any | UNKNOWN |
ubuntu | 22.04 | noarch | keepalived | < any | UNKNOWN |
ubuntu | 24.04 | noarch | keepalived | < any | UNKNOWN |
ubuntu | 14.04 | noarch | keepalived | < any | UNKNOWN |
ubuntu | 16.04 | noarch | keepalived | < any | UNKNOWN |