mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
124 lines
6.2 KiB
JSON
124 lines
6.2 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-50258",
|
|
"ASSIGNER": "cve@kernel.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk->sk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb->len = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -> 0\n tso_segs = DIV_ROUND_UP(skb->len, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Linux",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "46e6b992c250",
|
|
"version_value": "e9365368b483"
|
|
},
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"version": "4.16",
|
|
"status": "affected"
|
|
},
|
|
{
|
|
"version": "0",
|
|
"lessThan": "4.16",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.1.120",
|
|
"lessThanOrEqual": "6.1.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.6.60",
|
|
"lessThanOrEqual": "6.6.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.11.7",
|
|
"lessThanOrEqual": "6.11.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.12",
|
|
"lessThanOrEqual": "*",
|
|
"status": "unaffected",
|
|
"versionType": "original_commit_for_fix"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/e9365368b483328639c03fc730448dccd5a25b6b",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/e9365368b483328639c03fc730448dccd5a25b6b"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/ac5977001eee7660c643f8e07a2de9001990b7b8",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/ac5977001eee7660c643f8e07a2de9001990b7b8"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/e72fd1389a5364bc6aa6312ecf30bdb5891b9486",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/e72fd1389a5364bc6aa6312ecf30bdb5891b9486"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/9ab5cf19fb0e4680f95e506d6c544259bf1111c4",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/9ab5cf19fb0e4680f95e506d6c544259bf1111c4"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "bippy-8e903de6a542"
|
|
}
|
|
} |