Lucene search

K
redhatcveRedhat.comRH:CVE-2024-26640
HistoryMar 18, 2024 - 2:23 p.m.

CVE-2024-26640

2024-03-1814:23:34
redhat.com
access.redhat.com
6
linux kernel
vulnerability
cve-2024-26640
resolved
tcp
rx zerocopy
sanity checks
nic drivers
panic
syzbot
loopback packets
sendfile
ext4 file
tcp.

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

A vulnerability was found in Linux Kernel where rx zerocopy feature allowed mapping of pages owned by the filesystem, leading to potential system panic which is caused by the lack of sanity checks to rx zerocopy. A local authenticated attacker could exploit this vulnerability to cause a denial of service.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%