We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | redhat |
Reserved | 2024-02-01 |
Published | 2024-02-11 |
Updated | 2024-09-05 |
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2024-02-01: | Reported to Red Hat. |
2024-02-07: | Made public. |
This issue was discovered by Aaron Conole (Red Hat).
https://access.redhat.com/errata/RHSA-2024:4823 (RHSA-2024:4823)
https://access.redhat.com/errata/RHSA-2024:4831 (RHSA-2024:4831)
https://access.redhat.com/security/cve/CVE-2024-1151
https://bugzilla.redhat.com/show_bug.cgi?id=2262241 (RHBZ#2262241)
https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/