This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. Reference: https://vuldb.com/?id.210357 https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern@kernel.org/T/#u
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2133491]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2148 https://access.redhat.com/errata/RHSA-2023:2148
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2458 https://access.redhat.com/errata/RHSA-2023:2458
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-3435