CVE-2024-1151: A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls…

medium5.5CVSS 3.1

AVLACLPRLUINSUCNINAH

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.

Affected

30 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	linux	< linux 6.1.82-1 (bookworm)	linux 6.1.82-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
linux	linux_kernel	<= 6.7.8	—
linux	linux_kernel	—	—
linux	linux_kernel	>= 0 < 5.10.216-1	5.10.216-1
linux	linux_kernel	>= 0 < 6.1.82-1	6.1.82-1
linux	linux_kernel	>= 0 < 6.7.7-1	6.7.7-1
linux	linux_kernel	>= 0 < 6.7.7-1	6.7.7-1
linux	linux_kernel	>= 0 < 5.15.0-106.116	5.15.0-106.116
msrc	azl3_hyperv-daemons_6.6.14.1-1_on_azure_linux_3.0	—	—
msrc	azl3_hyperv-daemons_6.6.22.1-2_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.104.2-4_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.112.1-2_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.117.1-1_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.119.3-1_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.119.3-3_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.121.1-1_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.126.1-1_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.130.1-3_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.96.2-1_on_azure_linux_3.0	—	—
msrc	azl3_kernel_6.6.96.2-2_on_azure_linux_3.0	—	—
msrc	azure_linux_3.0_arm	—	—
msrc	azure_linux_3.0_x64	—	—

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

osv7.0HIGH