CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets.
In the Linux kernel, the following vulnerability has been resolved:
r8169: Fix possible ring buffer corruption on fragmented Tx packets.
An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently leading to calls to dmaunmapsingle() with a null address.
This was caused by rtl8169startxmit() not noticing changes to nrfrags which may occur when small packets are padded (to work around hardware quirks) in rtl8169tsocsumv2().
To fix this, postpone inspecting nrfrags until after any padding has been applied.
Other sources
In the Linux kernel, the following vulnerability has been resolved:
r8169: Fix possible ring buffer corruption on fragmented Tx packets.
The Linux kernel CVE team has assigned CVE-2024-38586 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024061949-CVE-2024-38586-70d6@gregkh/T
— Red Hat
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2024-38586?
CVE-2024-38586 has been classified as a high severity vulnerability affecting the Linux kernel.
How do I fix CVE-2024-38586?
To remediate CVE-2024-38586, update the Linux kernel to version 5.15.161, 6.1.93, 6.6.33, 6.8.12, 6.9.3, or 6.10 for Red Hat systems, or versions 5.10.223-1, 5.10.226-1, 6.1.123-1, 6.1.119-1, 6.12.10-1, or 6.12.11-1 for Debian systems.
What systems are affected by CVE-2024-38586?
CVE-2024-38586 affects the Linux kernel, specifically impacting systems using the RTL8125b chipset when transmitting small fragmented packets.
Is CVE-2024-38586 being actively exploited?
There is currently no public information indicating that CVE-2024-38586 is being actively exploited in the wild.
Who published the fix for CVE-2024-38586?
The fix for CVE-2024-38586 was published through updates from Red Hat and Debian, with contributions from the Linux kernel development community.