vulnerability

Red Hat: CVE-2024-58099: kernel: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (Multiple Advisories)

Name: Red Hat: CVE-2024-58099: kernel: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (Multiple Advisories)
Creator: Red Hat
Published: 2025-04-29T00:00:00.000Z
Keywords: CVE, CWE-787, Red Hat, 2024, 58099, kernel, redhat-upgrade-kernel, redhat-upgrade-kernel-rt, Severity 5

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Apr 29, 2025

Added

May 15, 2025

Modified

Jun 12, 2026

Description

A vulnerability was found in the Linux kernel's vmxnet3 network driver in the `vmxnet3_xdp_xmit_frame()` function. An incorrect DMA address calculation caused by the use of a fixed (rather than dynamic) offset leads to a corrupt packet being sent out and subsequently dropped on the path. This can lead to system instability and a denial of service caused by persistent packet loss.

Solutions

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

CWE-787
EUVD-EUVD-2025-14197
NVD-CVE-2024-58099
REDHAT-RHSA-2025:6966
REDHAT-RHSA-2025:9584
https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-14197

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report