CVE-2024-41090

Updated: 2024-08-16 17:28:05.228784

Description:

In the Linux kernel, the following vulnerability has been resolved:

tap: add missing verification for short frame

The cited commit missed checking the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent down the stack. Even before the skb is transmitted, the tap_get_user_xdp()-->skb_set_network_header() call may assume the size is more than ETH_HLEN. Once transmitted, this could either cause out-of-bounds access beyond the actual length, or confuse the underlying layer with an incorrect or inconsistent header length in the skb metadata. In the alternative path, tap_get_user() already prohibits short frames, whose length is less than the Ethernet header size, from being transmitted. This change drops any frame shorter than the Ethernet header size, just as tap_get_user() does.

CVE: CVE-2024-41090
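As an added illustration, not taken from the kernel or from this advisory, the following user-space C model shows the check the fix adds: a frame shorter than ETH_HLEN is rejected before the network header offset is derived from it, while the unchecked variant shows how the skb-style metadata ends up pointing past the data actually present. ETH_HLEN (14) is the real Ethernet header length; struct frame, tap_validate_frame_len(), tap_get_user_xdp_model(), tap_get_user_xdp_unchecked() and header_out_of_bounds() are hypothetical stand-ins for the tap receive path.

```c
/* Added example (not kernel code): user-space model of the short-frame
 * check. ETH_HLEN is the real Ethernet header length; struct frame and
 * the functions below are hypothetical stand-ins for the tap path. */
#include <stddef.h>
#include <stdint.h>
#include <errno.h>

#define ETH_HLEN 14 /* dst MAC (6) + src MAC (6) + EtherType (2) */

struct frame {
    const uint8_t *data;
    size_t len;          /* bytes of Ethernet frame actually present */
    size_t network_hdr;  /* offset of the network header, once set */
};

/* The validation tap_get_user() already performs: refuse any frame that
 * cannot even hold an Ethernet header. 0 on success, -EINVAL otherwise. */
int tap_validate_frame_len(size_t len)
{
    return len < ETH_HLEN ? -EINVAL : 0;
}

/* Fixed tap_get_user_xdp() path: validate before deriving the network
 * header offset, so the offset never exceeds the data present. */
int tap_get_user_xdp_model(struct frame *f)
{
    int err = tap_validate_frame_len(f->len);
    if (err)
        return err;
    f->network_hdr = ETH_HLEN; /* models skb_set_network_header() */
    return 0;
}

/* Pre-fix behaviour: the offset is set unconditionally, so a short frame
 * carries metadata that points beyond its payload. Shown for contrast. */
int tap_get_user_xdp_unchecked(struct frame *f)
{
    f->network_hdr = ETH_HLEN;
    return 0;
}

/* 1 if the skb-style metadata claims a header the buffer cannot hold. */
int header_out_of_bounds(const struct frame *f)
{
    return f->network_hdr > f->len;
}
```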



Severity

Metric           | Severity | Score
CVSS Version 2.x | NONE     | 0
CVSS Version 3.x | HIGH     | 7.1

Status

OS name             | Project name | Version | Score | Severity | Status         | Errata               | Last updated
AlmaLinux 9.2 ESU   | kernel       | 5.14.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725293298 | 2024-09-02 14:22:29
AlmaLinux 9.2 FIPS  | kernel       | 5.14.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725304408 | 2024-09-02 17:23:06
CentOS 6 ELS        | kernel       | 2.6.32  | 7.1   | HIGH     | Not Vulnerable | -                    | 2024-08-22 12:16:21
CentOS 7 ELS        | kernel       | 3.10.0  | 7.1   | HIGH     | Not Vulnerable | -                    | 2024-08-27 03:40:59
CentOS 8.4 ELS      | kernel       | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725872696 | 2024-09-09 05:23:18
CentOS 8.5 ELS      | kernel       | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725876080 | 2024-09-09 12:13:05
CentOS Stream 8 ELS | kernel       | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725871927 | 2024-09-09 05:23:17
CloudLinux 6 ELS    | kernel       | 2.6.32  | 7.1   | HIGH     | Not Vulnerable | -                    | 2024-08-22 12:16:21
CloudLinux 7 ELS    | kernel       | 3.10.0  | 7.1   | HIGH     | Needs Triage   | -                    | 2024-09-03 12:09:21
Oracle Linux 6 ELS  | kernel       | 2.6.32  | 7.1   | HIGH     | Not Vulnerable | -                    | 2024-08-22 12:16:21

Total: 11