CVE-2024-27026

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-27026
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27026.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-27026
Downstream
Related
Published
2024-05-01T12:49:31Z
Modified
2025-10-15T10:02:31.182062Z
Summary
vmxnet3: Fix missing reserved tailroom
Details

In the Linux kernel, the following vulnerability has been resolved:

vmxnet3: Fix missing reserved tailroom

Use rbi->len instead of rcd->len for non-dataring packet.

Found issue: XDPWARN: xdpupdateframefrombuff(line:278): Driver BUG: missing reserved tailroom WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdpwarn+0xf/0x20 CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1 RIP: 0010:xdpwarn+0xf/0x20 ... ? xdpwarn+0xf/0x20 xdpdoredirect+0x15f/0x1c0 vmxnet3runxdp+0x17a/0x400 [vmxnet3] vmxnet3processxdp+0xe4/0x760 [vmxnet3] ? vmxnet3tqtxcomplete.isra.0+0x21e/0x2c0 [vmxnet3] vmxnet3rqrxcomplete+0x7ad/0x1120 [vmxnet3] vmxnet3pollrxonly+0x2d/0xa0 [vmxnet3] _napipoll+0x20/0x180 netrx_action+0x177/0x390

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54f00cce11786742bd11e5e68c3bf85e6dc048c9
Fixed
aba8659caf88017507419feea06069f529329ea6
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54f00cce11786742bd11e5e68c3bf85e6dc048c9
Fixed
7c8505ecc2d15473d679b8e06335434b84fffe86
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54f00cce11786742bd11e5e68c3bf85e6dc048c9
Fixed
91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
54f00cce11786742bd11e5e68c3bf85e6dc048c9
Fixed
e127ce7699c1e05279ee5ee61f00893e7bfa9671

Affected versions

v6.*

v6.5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 1083.0,
                "function_hash": "173777562618218039580228745292539384092"
            },
            "target": {
                "function": "vmxnet3_process_xdp",
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c8505ecc2d15473d679b8e06335434b84fffe86",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-03272540"
        },
        {
            "digest": {
                "line_hashes": [
                    "6142491038498206026031180067697686429",
                    "153545933236804088015045045332860412246",
                    "224471553524810319078508650780300767263",
                    "72765255729204487399732749099229256972",
                    "232815485177865679755765008499269140445",
                    "60671797866055309589710151997422087462",
                    "251074350224018175765989094501062250261",
                    "193448402542829345301752517836816430767"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aba8659caf88017507419feea06069f529329ea6",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-06577616"
        },
        {
            "digest": {
                "line_hashes": [
                    "6142491038498206026031180067697686429",
                    "153545933236804088015045045332860412246",
                    "224471553524810319078508650780300767263",
                    "72765255729204487399732749099229256972",
                    "232815485177865679755765008499269140445",
                    "60671797866055309589710151997422087462",
                    "251074350224018175765989094501062250261",
                    "193448402542829345301752517836816430767"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e127ce7699c1e05279ee5ee61f00893e7bfa9671",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-756e39ba"
        },
        {
            "digest": {
                "length": 1083.0,
                "function_hash": "173777562618218039580228745292539384092"
            },
            "target": {
                "function": "vmxnet3_process_xdp",
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e127ce7699c1e05279ee5ee61f00893e7bfa9671",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-ad0eb49b"
        },
        {
            "digest": {
                "line_hashes": [
                    "6142491038498206026031180067697686429",
                    "153545933236804088015045045332860412246",
                    "224471553524810319078508650780300767263",
                    "72765255729204487399732749099229256972",
                    "232815485177865679755765008499269140445",
                    "60671797866055309589710151997422087462",
                    "251074350224018175765989094501062250261",
                    "193448402542829345301752517836816430767"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c8505ecc2d15473d679b8e06335434b84fffe86",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-b117250a"
        },
        {
            "digest": {
                "length": 1083.0,
                "function_hash": "173777562618218039580228745292539384092"
            },
            "target": {
                "function": "vmxnet3_process_xdp",
                "file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
            },
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aba8659caf88017507419feea06069f529329ea6",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2024-27026-e8430dbb"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.6.0
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2