7.8 CVE-2024-53141
Patch
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: add missing range check in bitmap_ip_uadt
When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,
the values of ip and ip_to are slightly swapped. Therefore, the range check
for ip should be done later, but this part is missing and it seems that the
vulnerability occurs.
So we should add missing range checks and remove unnecessary range checks.
https://nvd.nist.gov/vuln/detail/CVE-2024-53141
Categories
CWE-NVD-noinfo
References
CPE
| cpe | start | end |
|---|---|---|
| Configuration 1 | ||
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 2.6.39 | < 4.19.325 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 4.20 | < 6.6.64 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 6.7 | < 6.11.11 |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | >= 6.12 | < 6.12.2 |
REMEDIATION
Patch
EXPLOITS
Exploit-db.com
| id | description | date | |
|---|---|---|---|
| No known exploits | |||
POC Github
| Url |
|---|
| No known exploits |
Other Nist (github, ...)
| Url |
|---|
| No known exploits |
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| No entry | ||
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
