In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: add missing range check in bitmap_ip_uadt

When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs.

So we should add missing range checks and remove unnecessary range checks.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024120606-CVE-2024-53141-195b@gregkh/T
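
The check-ordering problem described above, as a simplified user-space model in C (an added example, not kernel code and not code from the advisory). The struct, the function names and the sample set range are constructed for illustration; the model assumes the CIDR branch replaces ip with the start of the network and ip_to with its end.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; all names here are hypothetical. */
struct bitmap_range { uint32_t first_ip, last_ip; }; /* host byte order */

/* Constructed sample set covering 192.168.1.128 - 192.168.1.255. */
static const struct bitmap_range sample_set = { 0xC0A80180u, 0xC0A801FFu };

/* Expand ip/cidr into [*from, *to]; caller guarantees 1 <= cidr <= 32. */
static void mask_from_to(uint32_t ip, uint8_t cidr, uint32_t *from, uint32_t *to)
{
    uint32_t mask = (cidr == 32) ? 0xFFFFFFFFu : ~(0xFFFFFFFFu >> cidr);
    *from = ip & mask;
    *to = ip | ~mask;
}

/* Flawed ordering: ip is validated, then rewritten by the CIDR expansion,
 * and only the upper bound is checked afterwards. */
static bool accepts_early_check(const struct bitmap_range *m, uint32_t ip, uint8_t cidr)
{
    uint32_t ip_to;
    if (ip < m->first_ip || ip > m->last_ip) return false;
    if (cidr < 1 || cidr > 32) return false;
    mask_from_to(ip, cidr, &ip, &ip_to);
    return ip_to <= m->last_ip;
}

/* Corrected ordering: both bounds are checked on the final values. */
static bool accepts_late_check(const struct bitmap_range *m, uint32_t ip, uint8_t cidr)
{
    uint32_t ip_to;
    if (cidr < 1 || cidr > 32) return false;
    mask_from_to(ip, cidr, &ip, &ip_to);
    return ip >= m->first_ip && ip_to <= m->last_ip;
}

int main(void)
{
    uint32_t ip = 0xC0A80182u; /* 192.168.1.130, inside the sample set */
    printf("/25 early=%d late=%d\n", accepts_early_check(&sample_set, ip, 25),
           accepts_late_check(&sample_set, ip, 25));
    printf("/24 early=%d late=%d\n", accepts_early_check(&sample_set, ip, 24),
           accepts_late_check(&sample_set, ip, 24));
    return 0;
}
```

With the /24 input the early check accepts a range whose start lies below first_ip, while the late check rejects it; the /25 input is accepted by both.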
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:7532 https://access.redhat.com/errata/RHSA-2025:7532
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2025:7531 https://access.redhat.com/errata/RHSA-2025:7531
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:7534 https://access.redhat.com/errata/RHSA-2025:7534
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.4 Extended Update Support Via RHSA-2025:7526 https://access.redhat.com/errata/RHSA-2025:7526
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2025:7533 https://access.redhat.com/errata/RHSA-2025:7533
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Red Hat Enterprise Linux 8.6 Telecommunications Update Service Via RHSA-2025:7652 https://access.redhat.com/errata/RHSA-2025:7652
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Via RHSA-2025:7675 https://access.redhat.com/errata/RHSA-2025:7675
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2025:7682 https://access.redhat.com/errata/RHSA-2025:7682
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:7732 https://access.redhat.com/errata/RHSA-2025:7732
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:7896 https://access.redhat.com/errata/RHSA-2025:7896
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2025:7902 https://access.redhat.com/errata/RHSA-2025:7902
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Telecommunications Update Service Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Via RHSA-2025:7901 https://access.redhat.com/errata/RHSA-2025:7901
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2025:7897 https://access.redhat.com/errata/RHSA-2025:7897
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Via RHSA-2025:7899 https://access.redhat.com/errata/RHSA-2025:7899
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Extended Lifecycle Support Via RHSA-2025:7898 https://access.redhat.com/errata/RHSA-2025:7898