[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2024-1151Date: (C)2024-02-12   (M)2024-06-14


A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.5CVSS Score :
Exploit Score: Exploit Score:
Impact Score: Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector:
Attack Complexity: Access Complexity:
Privileges Required: Authentication:
User Interaction: Confidentiality:
Scope: Integrity:
Confidentiality: Availability:
Integrity:  
Availability:  
  
Reference:
RHBZ#2262241
https://access.redhat.com/security/cve/CVE-2024-1151
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3LZROQAX7Q7LEP4F7WQ3KUZKWCZGFFP2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GS7S3XLTLOUKBXV67LLFZWB3YVFJZHRK/
https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/

CWE    1
CWE-121
OVAL    23
oval:org.secpod.oval:def:127240
oval:org.secpod.oval:def:708962
oval:org.secpod.oval:def:708940
oval:org.secpod.oval:def:89051684
...
XCCDF    1

© SecPod Technologies