摘要:
In the Linux kernel, the following vulnerability has been resolved:netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()nf_osf_find() incorrectly returns true on mismatch, this leads tocopying uninitialized memory area in nft_osf which can be used to leakstale kernel stack data to userspace.
安全等级: Low
公告ID: KylinSec-SA-2024-2201
发布日期: 2024年5月28日
关联CVE: CVE-2022-48654
In the Linux kernel, the following vulnerability has been resolved:netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()nf_osf_find() incorrectly returns true on mismatch, this leads tocopying uninitialized memory area in nft_osf which can be used to leakstale kernel stack data to userspace.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-48654 | KY3.4-4A | kernel | Unaffected |
| CVE-2022-48654 | KY3.4-5 | kernel | Unaffected |
| CVE-2022-48654 | KY3.5.3 | kernel | Unaffected |
| CVE-2022-48654 | V6 | kernel | Unaffected |
