CVE-2024-27026
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-27026
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27026.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-27026
- Downstream
- Related
- Published
- 2024-05-01T13:15:48Z
- Modified
- 2025-03-05T15:18:05Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
vmxnet3: Fix missing reserved tailroom
Use rbi->len instead of rcd->len for non-dataring packet.
Found issue: XDPWARN: xdpupdateframefrombuff(line:278): Driver BUG: missing reserved tailroom WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdpwarn+0xf/0x20 CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1 RIP: 0010:xdpwarn+0xf/0x20 ... ? xdpwarn+0xf/0x20 xdpdoredirect+0x15f/0x1c0 vmxnet3runxdp+0x17a/0x400 [vmxnet3] vmxnet3processxdp+0xe4/0x760 [vmxnet3] ? vmxnet3tqtxcomplete.isra.0+0x21e/0x2c0 [vmxnet3] vmxnet3rqrxcomplete+0x7ad/0x1120 [vmxnet3] vmxnet3pollrxonly+0x2d/0xa0 [vmxnet3] _napipoll+0x20/0x180 netrx_action+0x177/0x390
- References
-
- https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86
- https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262
- https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6
- https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671
- https://security-tracker.debian.org/tracker/CVE-2024-27026
Affected packages
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source