CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs
In the Linux kernel, the following vulnerability has been resolved:
net: core: reject skbcopy(expand) for fraglist GSO skbs
SKBGSOFRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skbcopy or skbcopyexpand, in order to prevent a crash on a potential later call to skbgsosegment.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
net: core: reject skbcopy(expand) for fraglist GSO skbs
The Linux kernel CVE team has assigned CVE-2024-36929 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024053041-CVE-2024-36929-0329@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by an untrusted pointer reference error. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-36929?
CVE-2024-36929 has a severity rating that requires attention due to its impact on network packet processing in the Linux kernel.
How do I fix CVE-2024-36929?
To mitigate CVE-2024-36929, upgrade to one of the patched kernel versions specified in the affected software section, such as 5.10.217, 5.15.159, or later.
What is the impact of CVE-2024-36929 on system performance?
CVE-2024-36929 can lead to issues with packet handling, which may affect network performance and stability.
Which Linux distributions are affected by CVE-2024-36929?
CVE-2024-36929 affects several Linux distributions that utilize the vulnerable kernel versions outlined in the affected software section.
Is there a workaround for CVE-2024-36929?
There are no specific workarounds for CVE-2024-36929; the recommended action is to apply the available kernel updates.