An out-of-bounds read issue was found in the __xfrm_state_filter_match() function within the XFRM subsystem of the Linux kernel. This flaw requires CAP_NET_ADMIN to be exploited and could lead to information disclosure.
ZDI security advisory: https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/ Upstream fix: https://github.com/torvalds/linux/commit/dfa73c17d55b921e1d4e154976de35317e43a93a
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2242892]
This was fixed for Fedora with the 6.4.12 stable kernels
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2394
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:2950
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:3138 https://access.redhat.com/errata/RHSA-2024:3138