CVE-2024-46783 - Linux tcp_bpf Send Message Buffer Overflow ( SEGFAULT )

2 months ago 23
ARTICLE AD BOX
CVE ID : CVE-2024-46783
Published : Sept. 18, 2024, 8:15 a.m. | 24 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers the flushing will result in sending a sk_msg larger than the current message size. In this case, in tcp_bpf_send_verdict(), 'copied' becomes negative at least in the following case: 468 case __SK_DROP: 469 default: 470 sk_msg_free_partial(sk, msg, tosend); 471 sk_msg_apply_bytes(psock, tosend); 472 *copied -= (tosend + delta); // Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article