Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_newThis patch enhances error handling in scenarios with RTS (Request toSend) messages arriving closely. It replaces the less informative WARN_ON_ONCEbacktraces with a new error handling method. This provides clearer errormessages and allows for the early termination of problematic sessions.Previously, sessions were only released at the end of j1939_xtp_rx_rts().Potentially this could be reproduced with something like:testj1939 -r vcan0:0x80 &while true; do # send first RTS cansend vcan0 18EC8090#1014000303002301; # send second RTS cansend vcan0 18EC8090#1014000303002301; # send abort cansend vcan0 18EC8090#ff00000000002301;done
No PoCs from references.
- https://github.com/takaaki-fukunaga/cvechecker