A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4-byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, potentially leaking sensitive heap data to userspace.
Vulnerable Product |
---|
redhat enterprise linux 8.0 |
redhat enterprise linux 9.0 |
fedoraproject fedora - |
linux linux kernel - |
debian debian linux 10.0 |
debian debian linux 12.0 |