CVE-2024-0607

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Jan 18, 2024

Updated: Jun 27, 2024

CWE ID 229

Summary

CVE-2024-0607: A vulnerability was discovered in the Netfilter subsystem of the Linux kernel. The issue lies in the nft_byteorder_eval() function, where the code writes 8 bytes to a u32 array named `dst`, although each element of the array can only hold 4 bytes. This results in overwriting part of the previous element in the array, leading to a denial of service or potential NetFilter functionality disruption. A local user can exploit this flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uKq9z6
https://www.cve.org/CVERecord?id=CVE-2024-0607
https://nvd.nist.gov/vuln/detail/CVE-2024-0607

Back to Vulnerability Database

CVE-2024-0607

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations