An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 7 | High | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Product | Vendor | Version |
|---|---|---|
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | < 7d596bbc66a52ff2c7a83d7e0ee840cb07e2a045 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | Red Hat | < 5.19 |
| Red Hat Enterprise Linux 6 | Red Hat | <= 6.1.* |
| Red Hat Enterprise Linux 9 | Red Hat | <= * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | < f5f94b9c8b805d87ff185caf9779c3a4d07819e3 |
| Red Hat Enterprise Linux 7 | Red Hat | <= * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | 5.19 |