Description

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.

INFO

Published Date :

2024-05-30T15:29:21.430Z

Last Modified :

2025-05-04T09:12:17.407Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-36929 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36929.

URL Resource
https://git.kernel.org/stable/c/989bf6fd1e1d058e73a364dce1a0c53d33373f62 cve-icon cve-icon cve-icon
https://git.kernel.org/stable/c/aea5e2669c2863fdd8679c40ee310b3bcaa85aec cve-icon cve-icon cve-icon
https://git.kernel.org/stable/c/c7af99cc21923a9650533c9d77265c8dd683a533 cve-icon cve-icon cve-icon
https://git.kernel.org/stable/c/cfe34d86ef9765c388f145039006bb79b6c81ac6 cve-icon cve-icon cve-icon
https://git.kernel.org/stable/c/d091e579b864fa790dd6a0cd537a22c383126681 cve-icon cve-icon cve-icon
https://git.kernel.org/stable/c/faa83a7797f06cefed86731ba4baa3b4dfdc06c1 cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-36929 cve-icon
https://security.netapp.com/advisory/ntap-20240905-0010/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-36929 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact