An out-of-bounds read issue was found in the Linux kernel in the u32_match_it() function, which is used to match packet content under netfilter. This flaw requires CAP_NET_ADMIN to be exploited and could lead to information disclosure.
ZDI security advisory: https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/
Upstream fix: https://github.com/torvalds/linux/commit/69c5d284f67089b4750d28ff6ac6f52ec224b330
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2242876]
This was fixed for Fedora with the 6.5.3 stable kernels.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8, via RHSA-2024:2950 (https://access.redhat.com/errata/RHSA-2024:2950)
This issue has been addressed in the following products: Red Hat Enterprise Linux 8, via RHSA-2024:3138 (https://access.redhat.com/errata/RHSA-2024:3138)