nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| linux | linux_kernel | 2.6.14 - 4.9.326 | - |
| linux | linux_kernel | 4.10 - 4.14.291 | - |
| linux | linux_kernel | 4.15 - 4.19.255 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
14
Affected Products
12
References
linux / linux_kernel
| - |
| linux | linux_kernel | 4.20 - 5.4.209 | - |
| linux | linux_kernel | 5.5 - 5.10.135 | - |
| linux | linux_kernel | 5.11 - 5.15.59 | - |
| linux | linux_kernel | 5.16 - 5.18.16 | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| netapp | active_iq_unified_manager | - | - |
| netapp | solidfire_\&_hci_management_node | - | - |
| netapp | solidfire_\&_hci_storage_node | - | - |
| netapp | solidfire_enterprise_sds | - | - |
| netapp | hci_compute_node | - | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability
Impact