Back to search
CVE-2024-42154
Published: Jul 30, 2024
Modified: May 11, 2026
PUBLISHED
Description
In the Linux kernel, the following vulnerability has been resolved: tcp_metrics: validate source addr length I don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4 is at least 4 bytes long, and the policy doesn't have an entry for this attribute at all (neither does it for IPv6 but v6 is manually validated).
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 - < 19d997b59fa1fd7a02e770ee0881c0652b9c32c9affected 3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 - < 2a2e79dbe2236a1289412d2044994f7ab419b44caffected 3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 - < cdffc358717e436bb67122bb82c1a2a26e050f98affected 3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 - < ef7c428b425beeb52b894e16f1c4b629d6cebfb6affected 3e7013ddf55af7bc191792b8aea0c2b94fb0fef5 - < 31f03bb04146c1c6df6c03e9f45401f5f5a985d3+3 more versions |
Linux | Linux | affected 3.14unaffected 0 - < 3.14unaffected 4.19.318 - <= 4.19.*unaffected 5.4.280 - <= 5.4.*unaffected 5.10.222 - <= 5.10.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now