CVE-2024-42247

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 7, 2024
Updated: Aug 8, 2024
CWE ID 770

Summary

CVE-2024-42247 is a vulnerability affecting the Linux kernel's WireGuard module on the parisc platform. The issue involves unaligned 64-bit memory accesses when processing IPv6 addresses in the 'wg_allowedips_insert_v6' function. This can lead to kernel warnings due to attempts to load 128-bit IPv6 addresses from unaligned memory locations. To address this issue, the recommended solution is to use the 'get_unaligned_be64()' helper macro instead of unaligned memory accesses. This patch, which involves replacing 'src[8]' with 'src+8', is intended to prevent such unaligned memory accesses and resolve the vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share