CVE-2024-26921 — Buffer Underflow in Linux
Severity
5.5MEDIUMNVD
OSV8.4OSV7.8OSV6.8OSV5.3
EPSS
0.1%
top 82.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 18
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
inet: inet_defrag: prevent sk release while still in use
ip_local_out() and other functions can pass skb->sk as function argument.
If the skb is a fragment and reassembly happens before such function call
returns, the sk must not be released.
This affects skb fragments reassembled via netfilter or similar
modules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.
Eric Dumazet made an initial analysis of this bu…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages6 packages
▶CVEListV5linux/linux7026b1ddb6b8d4e6ee33dc2bd06c0ca8746fa7ab — 1b6de5e6575b56502665c65cf93b0ae6aa0f51ab+7
Patches
🔴Vulnerability Details
21OSV▶
linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities↗2025-01-06