CVE - CVE-2024-36946

CVE-ID
CVE-2024-36946	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: phonet: fix rtm_phonet_notify() skb allocation fill_route() stores three components in the skb: - struct rtmsg - RTA_DST (u8) - RTA_OIF (u32) Therefore, rtm_phonet_notify() should use NLMSG_ALIGN(sizeof(struct rtmsg)) + nla_total_size(1) + nla_total_size(4)
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4 URL:https://git.kernel.org/stable/c/4ff334cade9dae50e4be387f71e94fae634aa9b4 MISC:https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe URL:https://git.kernel.org/stable/c/728a83160f98ee6b60df0d890141b9b7240182fe MISC:https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f4998137 URL:https://git.kernel.org/stable/c/9a77226440008cf04ba68faf641a2d50f4998137 MISC:https://git.kernel.org/stable/c/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7 URL:https://git.kernel.org/stable/c/d8cac8568618dcb8a51af3db1103e8d4cc4aeea7 MISC:https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7 URL:https://git.kernel.org/stable/c/dc6beac059f0331de97155a89d84058d4a9e49c7 MISC:https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a URL:https://git.kernel.org/stable/c/ec1f71c05caeba0f814df77e0f511d8b4618623a MISC:https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00 URL:https://git.kernel.org/stable/c/ee9e39a6cb3ca2a3d35b4ae25547ee3526a44d00 MISC:https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b URL:https://git.kernel.org/stable/c/f085e02f0a32f6dfcfabc6535c9c4a1707cef86b MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3840-1] linux security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html MLIST:[debian-lts-announce] 20240627 [SECURITY] [DLA 3843-1] linux-5.10 security update URL:https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
Assigning CNA
kernel.org
Date Record Created
20240530	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240530)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.