Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2024-26665: kernel: tunnels: fix out of bounds access when building IPv6 PMTU error (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Red Hat: CVE-2024-26665: kernel: tunnels: fix out of bounds access when building IPv6 PMTU error (Multiple Advisories)

Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:N/A:C)
Published
04/02/2024
Created
09/26/2024
Added
09/25/2024
Modified
09/25/2024

Description

In the Linux kernel, the following vulnerability has been resolved: tunnels: fix out of bounds access when building IPv6 PMTU error If the ICMPv6 error is built from a non-linear skb we get the following splat, BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of size 4 at addr ffff88811d402c80 by task netperf/820 CPU: 0 PID: 820 Comm: netperf Not tainted 6.8.0-rc1+ #543 ... kasan_report+0xd8/0x110 do_csum+0x220/0x240 csum_partial+0xc/0x20 skb_tunnel_check_pmtu+0xeb9/0x3280 vxlan_xmit_one+0x14c2/0x4080 vxlan_xmit+0xf61/0x5c00 dev_hard_start_xmit+0xfb/0x510 __dev_queue_xmit+0x7cd/0x32a0 br_dev_queue_push_xmit+0x39d/0x6a0 Use skb_checksum instead of csum_partial who cannot deal with non-linear SKBs.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-rt

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;