CVE-2024-27026
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-27026
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27026.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-27026
- Downstream
- Related
- Published
- 2024-05-01T12:49:31Z
- Modified
- 2025-10-15T10:02:31.182062Z
- Summary
- vmxnet3: Fix missing reserved tailroom
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
vmxnet3: Fix missing reserved tailroom
Use rbi->len instead of rcd->len for non-dataring packet.
Found issue: XDPWARN: xdpupdateframefrombuff(line:278): Driver BUG: missing reserved tailroom WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdpwarn+0xf/0x20 CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1 RIP: 0010:xdpwarn+0xf/0x20 ... ? xdpwarn+0xf/0x20 xdpdoredirect+0x15f/0x1c0 vmxnet3runxdp+0x17a/0x400 [vmxnet3] vmxnet3processxdp+0xe4/0x760 [vmxnet3] ? vmxnet3tqtxcomplete.isra.0+0x21e/0x2c0 [vmxnet3] vmxnet3rqrxcomplete+0x7ad/0x1120 [vmxnet3] vmxnet3pollrxonly+0x2d/0xa0 [vmxnet3] _napipoll+0x20/0x180 netrx_action+0x177/0x390
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/7c8505ecc2d15473d679b8e06335434b84fffe86
- https://git.kernel.org/stable/c/91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262
- https://git.kernel.org/stable/c/aba8659caf88017507419feea06069f529329ea6
- https://git.kernel.org/stable/c/e127ce7699c1e05279ee5ee61f00893e7bfa9671
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54f00cce11786742bd11e5e68c3bf85e6dc048c9Fixedaba8659caf88017507419feea06069f529329ea6
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54f00cce11786742bd11e5e68c3bf85e6dc048c9Fixed7c8505ecc2d15473d679b8e06335434b84fffe86
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54f00cce11786742bd11e5e68c3bf85e6dc048c9Fixed91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced54f00cce11786742bd11e5e68c3bf85e6dc048c9Fixede127ce7699c1e05279ee5ee61f00893e7bfa9671
Affected versions
v6.*
v6.5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
Database specific
{
"vanir_signatures": [
{
"digest": {
"length": 1083.0,
"function_hash": "173777562618218039580228745292539384092"
},
"target": {
"function": "vmxnet3_process_xdp",
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c8505ecc2d15473d679b8e06335434b84fffe86",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-03272540"
},
{
"digest": {
"line_hashes": [
"6142491038498206026031180067697686429",
"153545933236804088015045045332860412246",
"224471553524810319078508650780300767263",
"72765255729204487399732749099229256972",
"232815485177865679755765008499269140445",
"60671797866055309589710151997422087462",
"251074350224018175765989094501062250261",
"193448402542829345301752517836816430767"
],
"threshold": 0.9
},
"target": {
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aba8659caf88017507419feea06069f529329ea6",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-06577616"
},
{
"digest": {
"line_hashes": [
"6142491038498206026031180067697686429",
"153545933236804088015045045332860412246",
"224471553524810319078508650780300767263",
"72765255729204487399732749099229256972",
"232815485177865679755765008499269140445",
"60671797866055309589710151997422087462",
"251074350224018175765989094501062250261",
"193448402542829345301752517836816430767"
],
"threshold": 0.9
},
"target": {
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e127ce7699c1e05279ee5ee61f00893e7bfa9671",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-756e39ba"
},
{
"digest": {
"length": 1083.0,
"function_hash": "173777562618218039580228745292539384092"
},
"target": {
"function": "vmxnet3_process_xdp",
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e127ce7699c1e05279ee5ee61f00893e7bfa9671",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-ad0eb49b"
},
{
"digest": {
"line_hashes": [
"6142491038498206026031180067697686429",
"153545933236804088015045045332860412246",
"224471553524810319078508650780300767263",
"72765255729204487399732749099229256972",
"232815485177865679755765008499269140445",
"60671797866055309589710151997422087462",
"251074350224018175765989094501062250261",
"193448402542829345301752517836816430767"
],
"threshold": 0.9
},
"target": {
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c8505ecc2d15473d679b8e06335434b84fffe86",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-b117250a"
},
{
"digest": {
"length": 1083.0,
"function_hash": "173777562618218039580228745292539384092"
},
"target": {
"function": "vmxnet3_process_xdp",
"file": "drivers/net/vmxnet3/vmxnet3_xdp.c"
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aba8659caf88017507419feea06069f529329ea6",
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2024-27026-e8430dbb"
}
]
}