Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2024-26665

In the Linux kernel, the following vulnerability has been resolved:

tunnels: fix out of bounds access when building IPv6 PMTU error

If the ICMPv6 error is built from a non-linear skb we get the following splat,

BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240 Read of size 4 at addr ffff88811d402c80 by task netperf/820 CPU: 0 PID: 820 Comm: netperf Not tainted 6.8.0-rc1+ #543 ... kasan_report+0xd8/0x110 do_csum+0x220/0x240 csum_partial+0xc/0x20 skb_tunnel_check_pmtu+0xeb9/0x3280 vxlan_xmit_one+0x14c2/0x4080 vxlan_xmit+0xf61/0x5c00 dev_hard_start_xmit+0xfb/0x510 __dev_queue_xmit+0x7cd/0x32a0 br_dev_queue_push_xmit+0x39d/0x6a0

Use skb_checksum instead of csum_partial who cannot deal with non-linear SKBs.

  • Published: Apr 2, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-26665
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.1
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

No CWE or OWASP classifications available.

Software From Fixed in
linux / linux_kernel 6.8-rc1 6.8-rc1.x
linux / linux_kernel 5.11 5.15.149
linux / linux_kernel 6.8-rc3 6.8-rc3.x
linux / linux_kernel 6.8-rc2 6.8-rc2.x
linux / linux_kernel 6.7 6.7.5
linux / linux_kernel 6.2 6.6.17
linux / linux_kernel 5.9 5.10.210
linux / linux_kernel 5.16 6.1.78
debian / debian_linux 10.0 10.0.x