active/CVE-2023-39197


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2218342
 https://www.zerodayinitiative.com/advisories/ZDI-CAN-21202
Notes:
 carnil> Commit fixes 2bc780499aa3 ("[NETFILTER]: nf_conntrack: add DCCP
 carnil> protocol support").
Bugs:
upstream: released (6.5-rc1) [ff0a3a7d52ff7282dbd183e7fc29a1fe386b0c30]
6.1-upstream-stable: released (6.1.39) [26bd1f210d3783a691052c51d76bb8a8bbd24c67]
5.10-upstream-stable: released (5.10.188) [9bdcda7abaf22f6453e5b5efb7eb4e524095d5d8]
4.19-upstream-stable: needed
sid: released (6.4.4-1)
6.1-bookworm-security: released (6.1.52-1)
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: needed