网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

CVE-2026-23455

来源: alibaba_cloud_linux_cve · 发布时间 2026-05-29 15:15 (UTC+08:00) · 抓取时间 2026-05-29 16:10 (UTC+08:00)

原文链接

摘要

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to DecodeH323_UserInformation(). If the encoded length is 0, the decrement wraps to -1, which is then passed as a large value to the decoder, leading to an out-of-bounds read. Add a check to ensure len is positive after the decrement.

标签

扩展字段

{
  "cve_id": "CVE-2026-23455",
  "raw_pub_date": "Fri, 29 May 2026 15:15:12 +0800"
}