CVE-2024-26677

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix delayed ACKs to not set the reference serial number

Fix the construction of delayed ACKs to not set the reference serial number as they can't be used as an RTT reference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < 200cb50b9e154434470c8969d32474d38475acc2affected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < 63719f490e6a89896e9a463d2b45e8203eab23aeaffected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < e7870cf13d20f56bfc19f9c3e89707c69cf104efaffected
LinuxLinux2.6.22affected
LinuxLinux0 < 2.6.22unaffected
LinuxLinux6.6.17 <= 6.6.*unaffected
LinuxLinux6.7.5 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References