CVE-2024-41090

Updated: 2024-08-16 17:28:05.228784

Description:

In the Linux kernel, the following vulnerability has been resolved:

tap: add missing verification for short frame

The cited commit missed checking the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to be sent down the stack. Even before the skb is transmitted, tap_get_user_xdp()-->skb_set_network_header() may assume the size is more than ETH_HLEN. Once transmitted, this could either cause out-of-bounds access beyond the actual length, or confuse the underlayer with an incorrect or inconsistent header length in the skb metadata.

In the alternative path, tap_get_user() already prohibits a short frame whose length is less than the Ethernet header size from being transmitted. This is to drop any frame shorter than the Ethernet header size, just as tap_get_user() does.

CVE: CVE-2024-41090
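The invariant behind the fix, shown as an added stand-alone C model rather than the kernel's own code: a frame must be at least ETH_HLEN bytes before any header offset is derived from it. The struct frame_t and the functions tap_validate_frame, frame_ethertype and demo are hypothetical stand-ins for the skb and the tap receive path; the two sample frames are constructed.

```c
#include <stddef.h>
#include <stdint.h>

#define ETH_HLEN 14   /* Ethernet header: dst(6) + src(6) + EtherType(2) */

/* Hypothetical stand-in for the skb: the frame handed over from userspace
 * plus the network-header offset that skb_set_network_header() would set. */
typedef struct {
    const uint8_t *data;
    size_t len;            /* length claimed for the frame */
    size_t network_header; /* layer-3 header offset, set only after validation */
} frame_t;

/* Mirrors the fix: drop any frame shorter than an Ethernet header before any
 * header offset is computed. Returns 0 if accepted, -1 if dropped. */
int tap_validate_frame(frame_t *f)
{
    if (f->len < ETH_HLEN)
        return -1;
    /* Only now can the network header sit right after the MAC header
     * without its offset pointing past the end of the buffer. */
    f->network_header = ETH_HLEN;
    return 0;
}

/* EtherType of an already validated frame (big-endian on the wire). */
unsigned frame_ethertype(const frame_t *f)
{
    return ((unsigned)f->data[12] << 8) | f->data[13];
}

/* Constructed sample input: one well-formed IPv4 frame and one 3-byte runt. */
static const uint8_t good_frame[] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0x00,0x00,0x00,0x00,0x01,
    0x08,0x00, 0x45,0x00 };
static const uint8_t runt_frame[] = { 0x08,0x00,0x45 };

/* Returns 1 when the check behaves as the fix intends: the good frame is
 * accepted with its network header at ETH_HLEN, the runt is rejected and
 * its offset is never set. */
int demo(void)
{
    frame_t g = { good_frame, sizeof good_frame, 0 };
    frame_t r = { runt_frame, sizeof runt_frame, 0 };
    return tap_validate_frame(&g) == 0 && g.network_header == ETH_HLEN
        && frame_ethertype(&g) == 0x0800
        && tap_validate_frame(&r) == -1 && r.network_header == 0;
}

int main(void) { return demo() ? 0 : 1; }
```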


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

CVSS Version 2.x: NONE (score 0)
CVSS Version 3.x: HIGH (score 7.1)

Status

OS name           | Project name | Version | Score | Severity | Status         | Errata               | Last updated        | Statement
------------------|--------------|---------|-------|----------|----------------|----------------------|---------------------|----------
AlmaLinux 9.2 ESU | kernel       | 5.14.0  | 7.1   | HIGH     | Released       | CLSA-2025:1743193221 | 2024-09-02 17:23:06 |
CentOS 6 ELS      | kernel       | 2.6.32  | 7.1   | HIGH     | Not Vulnerable |                      | 2024-08-22 12:16:21 |
CentOS 7 ELS      | kernel       | 3.10.0  | 7.1   | HIGH     | Not Vulnerable |                      | 2024-08-27 03:40:59 |
CentOS 8.4 ELS    | kernel       | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725872696 | 2024-09-09 05:23:18 |
CentOS 8.5 ELS    | kernel       | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725876080 | 2024-09-09 12:13:05 |
CentOS Stream 8 ELS | kernel     | 4.18.0  | 7.1   | HIGH     | Released       | CLSA-2024:1725871927 | 2024-09-09 05:23:17 |
CloudLinux 6 ELS  | kernel       | 2.6.32  | 7.1   | HIGH     | Not Vulnerable |                      | 2024-08-22 12:16:21 |
CloudLinux 7 ELS  | kernel       | 3.10.0  | 7.1   | HIGH     | Ignored        |                      | 2025-01-10 22:43:42 |
Oracle Linux 6 ELS | kernel      | 2.6.32  | 7.1   | HIGH     | Not Vulnerable |                      | 2024-08-22 12:16:21 |
Ubuntu 18.04 ELS  | linux        | 4.15.0  | 7.1   | HIGH     | Not Vulnerable |                      | 2024-11-18 11:59:01 |