CVE-2024-11614
7.4
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
21.05 < 21.11-4 | affected | ||
| Red Hat | Fast Datapath for Red Hat Enterprise Linux 8 | 0:3.1.0-159.el8fdp < * | unaffected |
| Red Hat | Fast Datapath for Red Hat Enterprise Linux 9 | 0:3.1.0-149.el9fdp < * | unaffected |
| Red Hat | Fast Datapath for Red Hat Enterprise Linux 9 | 0:3.3.0-92.el9fdp < * | unaffected |
| Red Hat | Fast Datapath for Red Hat Enterprise Linux 9 | 0:3.4.0-48.el9fdp < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:23.11-2.el8_10 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 0:21.11-3.el8_6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | 0:21.11-3.el8_6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | 0:21.11-3.el8_6 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support | 0:21.11-4.el8_8 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 2:23.11-2.el9_5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | 2:21.11-3.el9_0 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 2:22.11-4.el9_2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | 2:23.11-2.el9_4 < * | unaffected |
Weaknesses
- CWE-125: Out-of-bounds Read
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://access.redhat.com/errata/RHSA-2025:0208
- https://access.redhat.com/errata/RHSA-2025:0209
- https://access.redhat.com/errata/RHSA-2025:0210
- https://access.redhat.com/errata/RHSA-2025:0211
- https://access.redhat.com/errata/RHSA-2025:0220
- https://access.redhat.com/errata/RHSA-2025:0221
- https://access.redhat.com/errata/RHSA-2025:0222
- https://access.redhat.com/errata/RHSA-2025:3963
- https://access.redhat.com/errata/RHSA-2025:3964
- https://access.redhat.com/errata/RHSA-2025:3965
- https://access.redhat.com/errata/RHSA-2025:3970
- https://access.redhat.com/security/cve/CVE-2024-11614
- https://bugzilla.redhat.com/show_bug.cgi?id=2327955
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.