Linux Kernel Netfilter xt_multiport Range Encoding Validation Vulnerability

A vulnerability in the Linux kernel's netfilter component, specifically within the xt_multiport module, has been addressed. The issue arose because the range encoding of port specifications was not properly validated, allowing malformed rules to disrupt normal processing. This vulnerability affected the rule interpretation by skipping past the last valid port element, potentially leading to incorrect behavior in network traffic filtering.

Impact

Exploitation of this vulnerability could result in malformed multiport v1 rules being accepted, which could disrupt the normal functioning of the netfilter framework by misinterpreting port ranges in traffic rules.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.