๐ CVE-2024-26882 | Linux Kernel up to 6.8.1 net include/net/inet_ecn.h ip_tunnel_rcv uninitialized variable
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability was found in Linux Kernel up to 6.8.1. It has been classified as critical. Affected is the function ip_tunnel_rcv
in the library include/net/inet_ecn.h of the component net. The manipulation leads to use of uninitialized variable.
This vulnerability is traded as CVE-2024-26882. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component. ...