#VU87682 Out-of-bounds read in Linux kernel - CVE-2024-26597

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c when parsing the netlink attributes. A local user can trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Remediation

External links

• https://git.kernel.org/stable/c/093dab655808207f7a9f54cf156240aeafc70590
• https://git.kernel.org/stable/c/02467ab8b404d80429107588e0f3425cf5fcd2e5
• https://git.kernel.org/stable/c/2295c22348faf795e1ccdf618f6eb7afdb2f7447
• https://git.kernel.org/stable/c/3b5254862258b595662a0ccca6e9eeb88d6e7468
• https://git.kernel.org/stable/c/ee1dc3bf86f2df777038506b139371a9add02534
• https://git.kernel.org/stable/c/c4734535034672f59f2652e1e0058c490da62a5c
• https://git.kernel.org/stable/c/17d06a5c44d8fd2e8e61bac295b09153496f87e1
• https://git.kernel.org/stable/c/b33fb5b801c6db408b774a68e7c8722796b59ecc
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.306
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.209
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.148
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.268
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.75
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.14
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8