We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-36929

net: core: reject skb_copy(_expand) for fraglist GSO skbs



AssignerLinux
Reserved2024-05-30
Published2024-05-30
Updated2024-09-05

Description

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.

Product status

Default status
0x400308e840

3a1296a38d0c before faa83a7797f0
affected

3a1296a38d0c before c7af99cc2192
affected

3a1296a38d0c before 989bf6fd1e1d
affected

3a1296a38d0c before cfe34d86ef97
affected

3a1296a38d0c before aea5e2669c28
affected

3a1296a38d0c before d091e579b864
affected

Default status
0x400308e950

5.6
affected

Any version before 5.6
unaffected

5.10.217
unaffected

5.15.159
unaffected

6.1.91
unaffected

6.6.31
unaffected

6.8.10
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/faa83a7797f06cefed86731ba4baa3b4dfdc06c1

https://git.kernel.org/stable/c/c7af99cc21923a9650533c9d77265c8dd683a533

https://git.kernel.org/stable/c/989bf6fd1e1d058e73a364dce1a0c53d33373f62

https://git.kernel.org/stable/c/cfe34d86ef9765c388f145039006bb79b6c81ac6

https://git.kernel.org/stable/c/aea5e2669c2863fdd8679c40ee310b3bcaa85aec

https://git.kernel.org/stable/c/d091e579b864fa790dd6a0cd537a22c383126681

https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

cve.org CVE-2024-36929

nvd.nist.gov CVE-2024-36929

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36929
Subscribe to our newsletter to learn more about our work.