PT-2024-8500 · Linux+5 · Linux Kernel+5

Syzbot

Published

2024-04-10

Updated

2025-09-29

CVE-2024-35962

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the netfilter component of the Linux kernel and is caused by incomplete validation of user input. This can potentially allow an attacker to cause a denial of service. The vulnerability is associated with the use of copy from sockptr() and copy from sockptr offset() calls in do replace() handlers. To address this, validation of the @optlen variable can be performed before calling xt alloc table info() to prevent the issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2024:5928

ALSA-2025_16880

BDU:2024-10060

CESA-2024_5101

CVE-2024-35962

DLA-3842-1

INFSA-2024_5928

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

RHSA-2024:5066

RHSA-2024:5067

RHSA-2024:5101

RHSA-2024:5928

RHSA-2024_5101

RHSA-2024_5928

SUSE-SU-2024:2360-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2381-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2561-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Affected Products

Almalinux

Centos

Linux Kernel

Red Hat

Red Os

Suse

PT-2024-8500 · Linux+5 · Linux Kernel+5

CVE-2024-35962

Weakness Enumeration

Related Identifiers

Affected Products

References · 2746