CVE-2024-26665

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-26665
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26665.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26665
Downstream
Related
Published
2024-04-02T06:22:14.264Z
Modified
2026-03-14T12:29:55.281976Z
Summary
tunnels: fix out of bounds access when building IPv6 PMTU error
Details

In the Linux kernel, the following vulnerability has been resolved:

tunnels: fix out of bounds access when building IPv6 PMTU error

If the ICMPv6 error is built from a non-linear skb we get the following splat,

BUG: KASAN: slab-out-of-bounds in docsum+0x220/0x240 Read of size 4 at addr ffff88811d402c80 by task netperf/820 CPU: 0 PID: 820 Comm: netperf Not tainted 6.8.0-rc1+ #543 ... kasanreport+0xd8/0x110 docsum+0x220/0x240 csumpartial+0xc/0x20 skbtunnelcheckpmtu+0xeb9/0x3280 vxlanxmitone+0x14c2/0x4080 vxlanxmit+0xf61/0x5c00 devhardstart_xmit+0xfb/0x510 __devqueuexmit+0x7cd/0x32a0 brdevqueuepushxmit+0x39d/0x6a0

Use skbchecksum instead of csumpartial who cannot deal with non-linear SKBs.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26665.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4cb47a8644cc9eb8ec81190a50e79e6530d0297f
Fixed
e77bf828f1ca1c47fcff58bdc26b60a9d3dfbe1d
Fixed
d964dd1bc1452594b4207d9229c157d9386e5d8a
Fixed
e37cde7a5716466ff2a76f7f27f0a29b05b9a732
Fixed
510c869ffa4068c5f19ff4df51d1e2f3a30aaac1
Fixed
7dc9feb8b1705cf00de20563b6bc4831f4c99dab
Fixed
d75abeec401f8c86b470e7028a13fcdc87e5dd06

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26665.json"