In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_payload: sanitize offset and length before calling skb_checksum()

If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON().

skb_checksum() internally subtracts the length parameter while iterating over the skbuff; BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.
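Added illustration, not code from the kernel, the CVE record, or the PoC repositories linked below: a user-space model of the contract the description above relies on. `toy_checksum()` walks an skb-like buffer in small segments, subtracting from `len` as it goes, and reports whether the requested length was fully consumed (the point at which the real `skb_checksum()` would hit `BUG_ON(len)`); `payload_range_ok()` is the kind of bounds check a caller such as nft_payload must apply before handing `offset` and `len` to the checksum routine, written so that `offset + len` cannot wrap. All names (`toy_skb`, `toy_checksum`, `payload_range_ok`, `checked_sum`, `SAMPLE`) and the ten-byte sample packet are invented for this example.

```c
/* Added example: a user-space model of the skb_checksum() length
 * contract and of the offset/length sanitisation a caller needs.
 * Not kernel code; toy_skb, toy_checksum, payload_range_ok, checked_sum
 * and SAMPLE are hypothetical names for this illustration only. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct toy_skb {
    const uint8_t *data;
    unsigned int len;   /* total bytes available, like skb->len */
};

/* Constructed sample "packet" of ten bytes with values 1..10. */
static const uint8_t SAMPLE[10] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };

/* Models skb_checksum(): walks the buffer in segments of at most four
 * bytes (standing in for the linear area / fragments), subtracting each
 * segment from `len`. Returns 1 if `len` reached zero, 0 otherwise; the
 * kernel would BUG_ON(len) where this returns 0. Sum is a plain byte sum,
 * which is enough to show the length bookkeeping. */
static int toy_checksum(const struct toy_skb *skb, unsigned int offset,
                        unsigned int len, uint32_t *sum_out)
{
    uint32_t sum = 0;
    unsigned int pos = offset;

    while (len > 0 && pos < skb->len) {
        unsigned int chunk = skb->len - pos;
        if (chunk > 4)
            chunk = 4;
        if (chunk > len)
            chunk = len;
        for (unsigned int i = 0; i < chunk; i++)
            sum += skb->data[pos + i];
        pos += chunk;
        len -= chunk;
    }
    *sum_out = sum;
    return len == 0;   /* kernel: BUG_ON(len) */
}

/* The check the caller must do first. Written as two comparisons rather
 * than `offset + len > skb->len` because that sum can wrap in unsigned
 * arithmetic (e.g. offset = 0xFFFFFFFE, len = 4 gives 2) and pass. */
static bool payload_range_ok(const struct toy_skb *skb, unsigned int offset,
                             unsigned int len)
{
    if (offset > skb->len)
        return false;
    return len <= skb->len - offset;
}

/* Sanitised path over SAMPLE: -1 if the range is rejected, else the sum. */
static long long checked_sum(unsigned int offset, unsigned int len)
{
    struct toy_skb skb = { SAMPLE, sizeof SAMPLE };
    uint32_t sum;

    if (!payload_range_ok(&skb, offset, len))
        return -1;
    if (!toy_checksum(&skb, offset, len, &sum))
        return -1;   /* unreachable once the range check passed */
    return sum;
}

/* Unsanitised path over SAMPLE: 1 if the length was fully consumed,
 * 0 where the real skb_checksum() would crash the kernel. */
static int unchecked_consumes(unsigned int offset, unsigned int len)
{
    struct toy_skb skb = { SAMPLE, sizeof SAMPLE };
    uint32_t sum;
    return toy_checksum(&skb, offset, len, &sum);
}

int main(void)
{
    printf("offset 2 len 8: checked=%lld consumed=%d\n",
           checked_sum(2, 8), unchecked_consumes(2, 8));
    printf("offset 4 len 8: checked=%lld consumed=%d\n",
           checked_sum(4, 8), unchecked_consumes(4, 8));
    printf("offset 0xFFFFFFFE len 4: checked=%lld\n",
           checked_sum(0xFFFFFFFEu, 4));
    return 0;
}
```

With `offset = 4, len = 8` on a ten-byte buffer, `unchecked_consumes()` returns 0 because two bytes of the requested length are left over after the walk, which is exactly the state `BUG_ON(len)` catches; `checked_sum()` rejects the same arguments before the checksum routine is ever entered, and also rejects the wrapped-sum case that a naive `offset + len > skb->len` test would accept.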
- https://github.com/slavin-ayu/CVE-2024-50251-PoC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/w4zu/Debian_security