CVE-2024-26665

tunnels: fix out of bounds access when building IPv6 PMTU error

References

Notes

 carnil> Introduced in 4cb47a8644cc ("tunnels: PMTU discovery support for directly
 carnil> bridged IP packets"). Vulnerable versions: 5.9-rc1.

Bugs

Status

Branch Status
4.19-buster-security N/A "Vulnerable code not present"
4.19-upstream-stable N/A "Vulnerable code not present"
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.210) [e77bf828f1ca1c47fcff58bdc26b60a9d3dfbe1d]
6.1-bookworm-security released (6.1.82-1)
6.1-upstream-stable released (6.1.78) [e37cde7a5716466ff2a76f7f27f0a29b05b9a732]
6.6-upstream-stable released (6.6.17) [510c869ffa4068c5f19ff4df51d1e2f3a30aaac1]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc4) [d75abeec401f8c86b470e7028a13fcdc87e5dd06]