Vulnerability identifier: #VU93613
Vulnerability risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-682
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the nf_tables_addchain() function in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/41bad13c0e8a5a2b47a7472cced922555372daab
http://git.kernel.org/stable/c/7b6fba6918714afee3e17796113ccab636255c7b
http://git.kernel.org/stable/c/8ba81dca416adf82fc5a2a23abc1a8cc02ad32fb
http://git.kernel.org/stable/c/745cf6a843896cdac8766c74379300ed73c78830
http://git.kernel.org/stable/c/420132bee3d0136b7fba253a597b098fe15493a7
http://git.kernel.org/stable/c/e95bb4cba94c018be24b11f017d1c55dd6cda31a
http://git.kernel.org/stable/c/994209ddf4f430946f6247616b2e33d179243769
http://git.kernel.org/stable/c/6d12f21f8bbe23fde25b77c2bf5973c136b8bef8
http://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.