Description
In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETH_ZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETH_ZLEN, ensuring nothing is leaked in the padding. This bug can be reproduced by running $ ping -s 11 destination
Related CPE's
o
linux
linux_kernel
10
References
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.1 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Vulnerability status
Analyzed
Published
2024-09-27T13:15:17.063
2 weeks agoLast modified
2024-10-04T16:14:06.983
1 week ago