Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-27431HistoryMay 17, 2024 - 12:15 p.m.
CVE-2024-27431
2024-05-1712:15:16
Debian Security Bug Tracker
security-tracker.debian.org
3
linux kernel
vulnerability
zero-initialising
xdp_rxq_info
struct
xdp program
In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don’t initialise the xdp_rxq_info data structure being used in the xdp_buff that backs the XDP program invocation. Tobias noticed that this leads to random values being returned as the xdp_md->rx_queue_index value for XDP programs running in a cpumap. This means we’re basically returning the contents of the uninitialised memory, which is bad. Fix this by zero-initialising the rxq data structure before running the XDP program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.82-1 | linux_6.1.82-1_all.deb |
| Debian | 11 | all | linux | < 5.10.216-1 | linux_5.10.216-1_all.deb |
| Debian | 10 | all | linux | < 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
| Debian | 13 | all | linux | < 6.7.12-1 | linux_6.7.12-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2024-27431
2024-05-17 00:00:00
redhatcve
redhatcve
CVE-2024-27431
2024-05-17 22:22:03
nvd
nvd
CVE-2024-27431
2024-05-17 12:15:16
vulnrichment
vulnrichment
cvelist
cvelist
cve
cve
CVE-2024-27431
2024-05-17 12:15:16
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6821-1)
2024-06-07 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6820-1)
2024-06-07 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6821-4)
2024-06-14 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6820-1)
2024-06-10 00:00:00
Ubuntu: Security Advisory (USN-6820-2)
2024-06-12 00:00:00
Ubuntu: Security Advisory (USN-6821-2)
2024-06-11 00:00:00
osv
osv
linux-gkeop, linux-gkeop-5.15, linux-kvm vulnerabilities
2024-06-10 17:13:01
linux-aws, linux-aws-5.15 vulnerabilities
2024-06-11 20:53:02
linux-azure, linux-azure-fde vulnerabilities
2024-06-14 15:39:24
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-06-10 00:00:00
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.4%
Related for DEBIANCVE:CVE-2024-27431