In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [..] RIP: 0010:nf_tproxy_laddr4+0xb7/0x340 net/ipv4/netfilter/nf_tproxy_ipv4.c:62 Call Trace: nft_tproxy_eval_v4 net/netfilter/nft_tproxy.c:56 [inline] nft_tproxy_eval+0xa9a/0x1a00 net/netfilter/nft_tproxy.c:168 __in_dev_get_rcu() can return NULL, so check for this.
History

Wed, 02 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/a:redhat:rhel_eus:9.2
cpe:/a:redhat:rhel_eus:9.2::nfv
cpe:/o:redhat:rhel_aus:8.6
cpe:/o:redhat:rhel_e4s:8.6
cpe:/o:redhat:rhel_tus:8.6
Vendors & Products Redhat rhel Aus
Redhat rhel E4s
Redhat rhel Tus

Tue, 24 Sep 2024 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/o:redhat:rhel_eus:8.8
Vendors & Products Redhat rhel Eus

Wed, 11 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 11 Sep 2024 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Sep 2024 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Thu, 08 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:8::nfv
cpe:/o:redhat:enterprise_linux:8

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-06-21T10:18:07.026Z

Updated: 2024-12-19T09:01:03.757Z

Reserved: 2024-06-21T10:13:16.302Z

Link: CVE-2024-36270

cve-icon Vulnrichment

Updated: 2024-08-02T03:37:04.470Z

cve-icon NVD

Status : Modified

Published: 2024-06-21T11:15:10.117

Modified: 2024-11-21T09:21:58.203

Link: CVE-2024-36270

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-06-21T00:00:00Z

Links: CVE-2024-36270 - Bugzilla