SB2024111046 - Incorrect calculation in Linux kernel netfilter
Published: November 10, 2024 Updated: May 12, 2025
Security Bulletin ID
SB2024111046
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Incorrect calculation (CVE-ID: CVE-2024-50251)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nft_payload_set_eval() function in net/netfilter/nft_payload.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701
- https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534
- https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02
- https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40
- https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874
- https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72
- https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b
- https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.323
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.229
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.171
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.285
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.116
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.60