Linux Kernel Vulnerability in virtio-net Affecting Various Distributions
CVE-2024-57843

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
11 January 2025

What is CVE-2024-57843?

A vulnerability in the Linux kernel's virtio-net component may lead to instability in virtual machines, particularly when specific system configurations are in place. The issue arises when the size of the fragment exceeds the PAGE_SIZE while the request for a DMA buffer could potentially overflow. This flaw, introduced by a previous commit, was identified to cause reliable crashes and failures when transferring files using scp in a virtualized environment. The latest updates attempt to mitigate this problem by adjusting buffer lengths, aiming to stabilize VM operations and improve system reliability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 295525e29a5b5694a6e96864f0c1365f79639863

Linux 295525e29a5b5694a6e96864f0c1365f79639863 < 67a11de8965c2ab19e215fb6651d44847e068614

Linux 295525e29a5b5694a6e96864f0c1365f79639863 < 6aacd1484468361d1d04badfe75f264fa5314864

References

https://git.kernel.org/stable/c/a8f7d6963768b114ec9644ff0...
https://git.kernel.org/stable/c/67a11de8965c2ab19e215fb66...
https://git.kernel.org/stable/c/6aacd1484468361d1d04badfe...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.