CVE-2024-35896 | Linux Kernel up to 5.10.214/5.15.153/6.1.84/6.6.25/6.8.4 Netfilter lib/dump_stack.c setsockopt optlen out-of-bounds (Nessus ID 209785 / WID-SEC-2025-1293)
A vulnerability described as problematic has been identified in Linux Kernel up to 5.10.214/5.15.153/6.1.84/6.6.25/6.8.4. It affects the function setsockopt in the library lib/dump_stack.c of the component Netfilter. Manipulating the argument optlen leads to an out-of-bounds read.
This vulnerability is uniquely identified as CVE-2024-35896. The attack can only be initiated within the local network. No exploit exists.
Upgrading the affected component is recommended.