fkie_cve-2024-11614
Vulnerability from fkie_nvd
Published
2024-12-18 09:15
Modified
2025-04-17 01:15
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
References
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0208
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0209
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0210
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0211
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0220
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0221
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:0222
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:3963
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:3964
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:3965
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:3970
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2024-11614
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2327955
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/12/17/3
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An out-of-bounds read vulnerability was found in DPDK\u0027s Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor\u0027s vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad de lectura fuera de los l\u00edmites en la funci\u00f3n de descarga de suma de comprobaci\u00f3n de la librer\u00eda DPDK\u0027s Vhost. Este problema permite que un invitado no confiable o comprometido bloquee el vSwitch del hipervisor falsificando descriptores Virtio para provocar lecturas fuera de los l\u00edmites. Esta falla permite que un atacante con una m\u00e1quina virtual maliciosa que utilice un controlador Virtio haga que el lado del usuario vhost se bloquee enviando un paquete con una solicitud de descarga de suma de comprobaci\u00f3n Tx y un desplazamiento csum_start no v\u00e1lido."
    }
  ],
  "id": "CVE-2024-11614",
  "lastModified": "2025-04-17T01:15:45.350",
  "metrics": {
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-18T09:15:06.660",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0208"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0209"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0210"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0211"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0220"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0221"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:0222"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:3963"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:3964"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:3965"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:3970"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-11614"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2024/12/17/3"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.