PT-2023-8400 · Linux+5 · Linux Kernel+5

Dan Carpenter

Published

2023-11-14

Updated

2026-02-18

CVE-2024-0607

CVSS v3.1

6.6

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft byteorder eval() function, where the code iterates through a loop and writes to the dst array. On each iteration, 8 bytes are written, but dst is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-229

Related Identifiers

ALT-PU-2024-10855

ALT-PU-2024-1867

ALT-PU-2025-12647

AZL-33913

AZL-34872

BDU:2024-00637

CVE-2024-0607

DLA-3840-1

DLA-3842-1

DSA-5681-1

OESA-2024-1097

OPENSUSE-SU-2024_0857-1

OPENSUSE-SU-2024_0858-1

SUSE-SU-2024:0855-1

SUSE-SU-2024:0856-1

SUSE-SU-2024:0857-1

SUSE-SU-2024:0858-1

SUSE-SU-2024:0900-1

SUSE-SU-2024:0900-2

SUSE-SU-2024:0910-1

SUSE-SU-2024:0925-1

SUSE-SU-2024:0926-1

SUSE-SU-2024:0975-1

SUSE-SU-2024:0976-1

SUSE-SU-2024:0977-1

USN-6639-1

USN-6680-1

USN-6680-2

USN-6680-3

USN-6686-1

USN-6686-2

USN-6686-3

USN-6686-4

USN-6686-5

USN-6705-1

USN-6726-1

USN-6726-2

USN-6726-3

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2023-8400 · Linux+5 · Linux Kernel+5

CVE-2024-0607

Weakness Enumeration

Related Identifiers

Affected Products

References · 371