Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:netlabel: fix out-of-bounds memory accessesThere are two array out-of-bounds memory accesses, one incipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Botherrors are embarassingly simple, and the fixes are straightforward.As a FYI for anyone backporting this patch to kernels prior to v4.8,you'll want to apply the netlbl_bitmap_walk() patch tocipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist beforeLinux v4.8.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds