- Description
- In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs. So we should add missing range checks and remove unnecessary range checks.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt https://t.co/ZalPG49kRS I have completed writing a PoC that successfully LPE using my vulnerability :) https://t.co/gHcWH9jMlg
@aha310510
18 Jan 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt https://t.co/ZalPG49kRS https://t.co/o6yqb5XJDp
@aha310510
18 Jan 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-53141 | Linux Kernel up to 4.19.324/6.11.10/6.12.1 netfilter bitmap_ip_uadt Privilege Escalation (Nessus ID 214250)) has been published on https://t.co/qysxIKqqKv
@WolfgangSesin
16 Jan 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2023-6932, CVE-2023-0461: UaF/LPE in Linux kernel https://t.co/OOfZ4dy95Q 2. CVE-2024-53141: An OOB Write Vulnerability in Netfiler Ipset https://t.co/rVzuElL9KO 3. CVE-2024-50603: Aviatrix Network Controller Command Injection Vulnerability… https://t.co/s0jItYw
@ksg93rd
9 Jan 2025
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53141 (CVSS:7.8, HIGH) is Analyzed. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap..https://t.co/eL4jWyuse9 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
11 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53141 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not pre… https://t.co/GJo7s2Y0N0
@CVEnew
6 Dec 2024
332 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C7770FA-B486-4531-9A29-FE9BC1D2E0D9",
"versionEndExcluding": "4.19.325",
"versionStartIncluding": "2.6.39"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D42B3E7C-85DF-4DBF-A6EC-E45F69FF2DCA",
"versionEndExcluding": "6.6.64",
"versionStartIncluding": "4.20"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893",
"versionEndExcluding": "6.11.11",
"versionStartIncluding": "6.7"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776",
"versionEndExcluding": "6.12.2",
"versionStartIncluding": "6.12"
}
],
"operator": "OR"
}
]
}
]