CVE-2024-43897 (GCVE-0-2024-43897)

Vulnerability from cvelistv5 – Published: 2024-08-26 10:10 – Updated: 2026-05-11 20:31
VLAI
Title
net: drop bad gso csum_start and offset in virtio_net_hdr
Summary
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csum_start and offset in virtio_net_hdr Tighten csum_start and csum_offset checks in virtio_net_hdr_to_skb for GSO packets. The function already checks that a checksum requested with VIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. But for GSO packets this might not hold for segs after segmentation. Syzkaller demonstrated to reach this warning in skb_checksum_help offset = skb_checksum_start_offset(skb); ret = -EINVAL; if (WARN_ON_ONCE(offset >= skb_headlen(skb))) By injecting a TSO packet: WARNING: CPU: 1 PID: 3539 at net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0 ip_do_fragment+0x209/0x1b20 net/ipv4/ip_output.c:774 ip_finish_output_gso net/ipv4/ip_output.c:279 [inline] __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301 iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82 ip_tunnel_xmit+0x2296/0x2c70 net/ipv4/ip_tunnel.c:813 __gre_xmit net/ipv4/ip_gre.c:469 [inline] ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661 __netdev_start_xmit include/linux/netdevice.h:4850 [inline] netdev_start_xmit include/linux/netdevice.h:4864 [inline] xmit_one net/core/dev.c:3595 [inline] dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611 __dev_queue_xmit+0x1b97/0x3c90 net/core/dev.c:4261 packet_snd net/packet/af_packet.c:3073 [inline] The geometry of the bad input packet at tcp_gso_segment: [ 52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0 [ 52.003050][ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244 [ 52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(size=1552 type=3 segs=0)) [ 52.003050][ T8403] csum(0x60000c7 start=199 offset=1536 ip_summed=3 complete_sw=0 valid=0 level=0) Mitigate with stricter input validation. csum_offset: for GSO packets, deduce the correct value from gso_type. This is already done for USO. Extend it to TSO. Let UFO be: udp[46]_ufo_fragment ignores these fields and always computes the checksum in software. csum_start: finding the real offset requires parsing to the transport header. Do not add a parser, use existing segmentation parsing. Thanks to SKB_GSO_DODGY, that also catches bad packets that are hw offloaded. Again test both TSO and USO. Do not test UFO for the above reason, and do not test UDP tunnel offload. GSO packet are almost always CHECKSUM_PARTIAL. USO packets may be CHECKSUM_NONE since commit 10154dbded6d6 ("udp: Allow GSO transmit from devices with no checksum offload"), but then still these fields are initialized correctly in udp4_hwcsum/udp6_hwcsum_outgoing. So no need to test for ip_summed == CHECKSUM_PARTIAL first. This revises an existing fix mentioned in the Fixes tag, which broke small packets with GSO offload, as detected by kselftests.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 27874ca77bd2b05a3779c7b3a5c75d8dd7f0b40f , < 413e785a89f8bde0d4156a54b8ac2fa003c06756 (git)
Affected: 5b1997487a3f3373b0f580c8a20b56c1b64b0775 , < f01c5e335fbb7fb612d40f14a3c02e2612a43d3b (git)
Affected: 90d41ebe0cd4635f6410471efc1dd71b33e894cf , < 6772c4868a8e7ad5305957cdb834ce881793acb7 (git)
Affected: e9164903b8b303c34723177b02fe91e49e3c4cd7 , < 2edbb3e8838c672cd7e247e47989df9d03fc6668 (git)
Affected: e269d79c7d35aa3808b1f3c1737d63dab504ddc8 , < 89add40066f9ed9abe5f7f886fe5789ff7e0c50e (git)
Create a notification for this product.
Linux Linux Affected: 5.15.165 , < 5.15.167 (semver)
Affected: 6.1.103 , < 6.1.107 (semver)
Affected: 6.6.44 , < 6.6.46 (semver)
Affected: 6.10.3 , < 6.10.5 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-43897",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:29:03.207414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T17:33:08.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T22:06:59.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/virtio_net.h",
            "net/ipv4/tcp_offload.c",
            "net/ipv4/udp_offload.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "413e785a89f8bde0d4156a54b8ac2fa003c06756",
              "status": "affected",
              "version": "27874ca77bd2b05a3779c7b3a5c75d8dd7f0b40f",
              "versionType": "git"
            },
            {
              "lessThan": "f01c5e335fbb7fb612d40f14a3c02e2612a43d3b",
              "status": "affected",
              "version": "5b1997487a3f3373b0f580c8a20b56c1b64b0775",
              "versionType": "git"
            },
            {
              "lessThan": "6772c4868a8e7ad5305957cdb834ce881793acb7",
              "status": "affected",
              "version": "90d41ebe0cd4635f6410471efc1dd71b33e894cf",
              "versionType": "git"
            },
            {
              "lessThan": "2edbb3e8838c672cd7e247e47989df9d03fc6668",
              "status": "affected",
              "version": "e9164903b8b303c34723177b02fe91e49e3c4cd7",
              "versionType": "git"
            },
            {
              "lessThan": "89add40066f9ed9abe5f7f886fe5789ff7e0c50e",
              "status": "affected",
              "version": "e269d79c7d35aa3808b1f3c1737d63dab504ddc8",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/linux/virtio_net.h",
            "net/ipv4/tcp_offload.c",
            "net/ipv4/udp_offload.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5.15.167",
              "status": "affected",
              "version": "5.15.165",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.107",
              "status": "affected",
              "version": "6.1.103",
              "versionType": "semver"
            },
            {
              "lessThan": "6.6.46",
              "status": "affected",
              "version": "6.6.44",
              "versionType": "semver"
            },
            {
              "lessThan": "6.10.5",
              "status": "affected",
              "version": "6.10.3",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.167",
                  "versionStartIncluding": "5.15.165",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.107",
                  "versionStartIncluding": "6.1.103",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.46",
                  "versionStartIncluding": "6.6.44",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.10.5",
                  "versionStartIncluding": "6.10.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: drop bad gso csum_start and offset in virtio_net_hdr\n\nTighten csum_start and csum_offset checks in virtio_net_hdr_to_skb\nfor GSO packets.\n\nThe function already checks that a checksum requested with\nVIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. But for GSO packets\nthis might not hold for segs after segmentation.\n\nSyzkaller demonstrated to reach this warning in skb_checksum_help\n\n\toffset = skb_checksum_start_offset(skb);\n\tret = -EINVAL;\n\tif (WARN_ON_ONCE(offset \u003e= skb_headlen(skb)))\n\nBy injecting a TSO packet:\n\nWARNING: CPU: 1 PID: 3539 at net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0\n ip_do_fragment+0x209/0x1b20 net/ipv4/ip_output.c:774\n ip_finish_output_gso net/ipv4/ip_output.c:279 [inline]\n __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301\n iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82\n ip_tunnel_xmit+0x2296/0x2c70 net/ipv4/ip_tunnel.c:813\n __gre_xmit net/ipv4/ip_gre.c:469 [inline]\n ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661\n __netdev_start_xmit include/linux/netdevice.h:4850 [inline]\n netdev_start_xmit include/linux/netdevice.h:4864 [inline]\n xmit_one net/core/dev.c:3595 [inline]\n dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611\n __dev_queue_xmit+0x1b97/0x3c90 net/core/dev.c:4261\n packet_snd net/packet/af_packet.c:3073 [inline]\n\nThe geometry of the bad input packet at tcp_gso_segment:\n\n[   52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0\n[   52.003050][ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244\n[   52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(size=1552 type=3 segs=0))\n[   52.003050][ T8403] csum(0x60000c7 start=199 offset=1536\nip_summed=3 complete_sw=0 valid=0 level=0)\n\nMitigate with stricter input validation.\n\ncsum_offset: for GSO packets, deduce the correct value from gso_type.\nThis is already done for USO. Extend it to TSO. Let UFO be:\nudp[46]_ufo_fragment ignores these fields and always computes the\nchecksum in software.\n\ncsum_start: finding the real offset requires parsing to the transport\nheader. Do not add a parser, use existing segmentation parsing. Thanks\nto SKB_GSO_DODGY, that also catches bad packets that are hw offloaded.\nAgain test both TSO and USO. Do not test UFO for the above reason, and\ndo not test UDP tunnel offload.\n\nGSO packet are almost always CHECKSUM_PARTIAL. USO packets may be\nCHECKSUM_NONE since commit 10154dbded6d6 (\"udp: Allow GSO transmit\nfrom devices with no checksum offload\"), but then still these fields\nare initialized correctly in udp4_hwcsum/udp6_hwcsum_outgoing. So no\nneed to test for ip_summed == CHECKSUM_PARTIAL first.\n\nThis revises an existing fix mentioned in the Fixes tag, which broke\nsmall packets with GSO offload, as detected by kselftests."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T20:31:54.698Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/413e785a89f8bde0d4156a54b8ac2fa003c06756"
        },
        {
          "url": "https://git.kernel.org/stable/c/f01c5e335fbb7fb612d40f14a3c02e2612a43d3b"
        },
        {
          "url": "https://git.kernel.org/stable/c/6772c4868a8e7ad5305957cdb834ce881793acb7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2edbb3e8838c672cd7e247e47989df9d03fc6668"
        },
        {
          "url": "https://git.kernel.org/stable/c/89add40066f9ed9abe5f7f886fe5789ff7e0c50e"
        }
      ],
      "title": "net: drop bad gso csum_start and offset in virtio_net_hdr",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-43897",
    "datePublished": "2024-08-26T10:10:53.972Z",
    "dateReserved": "2024-08-17T09:11:59.291Z",
    "dateUpdated": "2026-05-11T20:31:54.698Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-43897",
      "date": "2026-06-06",
      "epss": "0.00025",
      "percentile": "0.074"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.15.165\", \"versionEndExcluding\": \"6.1.107\", \"matchCriteriaId\": \"25C86ED2-0FD4-4A8A-9106-A059D760DE96\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.6.44\", \"versionEndExcluding\": \"6.6.46\", \"matchCriteriaId\": \"83875505-0CFF-44AD-A3E1-BE3F8B866F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.10.3\", \"versionEndExcluding\": \"6.10.5\", \"matchCriteriaId\": \"ECD67C7B-CA88-4F2B-B232-AE23DDFBA7D2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B3CE743-2126-47A3-8B7C-822B502CF119\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: drop bad gso csum_start and offset in virtio_net_hdr\\n\\nTighten csum_start and csum_offset checks in virtio_net_hdr_to_skb\\nfor GSO packets.\\n\\nThe function already checks that a checksum requested with\\nVIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. But for GSO packets\\nthis might not hold for segs after segmentation.\\n\\nSyzkaller demonstrated to reach this warning in skb_checksum_help\\n\\n\\toffset = skb_checksum_start_offset(skb);\\n\\tret = -EINVAL;\\n\\tif (WARN_ON_ONCE(offset \u003e= skb_headlen(skb)))\\n\\nBy injecting a TSO packet:\\n\\nWARNING: CPU: 1 PID: 3539 at net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0\\n ip_do_fragment+0x209/0x1b20 net/ipv4/ip_output.c:774\\n ip_finish_output_gso net/ipv4/ip_output.c:279 [inline]\\n __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301\\n iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82\\n ip_tunnel_xmit+0x2296/0x2c70 net/ipv4/ip_tunnel.c:813\\n __gre_xmit net/ipv4/ip_gre.c:469 [inline]\\n ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661\\n __netdev_start_xmit include/linux/netdevice.h:4850 [inline]\\n netdev_start_xmit include/linux/netdevice.h:4864 [inline]\\n xmit_one net/core/dev.c:3595 [inline]\\n dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611\\n __dev_queue_xmit+0x1b97/0x3c90 net/core/dev.c:4261\\n packet_snd net/packet/af_packet.c:3073 [inline]\\n\\nThe geometry of the bad input packet at tcp_gso_segment:\\n\\n[   52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0\\n[   52.003050][ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244\\n[   52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(size=1552 type=3 segs=0))\\n[   52.003050][ T8403] csum(0x60000c7 start=199 offset=1536\\nip_summed=3 complete_sw=0 valid=0 level=0)\\n\\nMitigate with stricter input validation.\\n\\ncsum_offset: for GSO packets, deduce the correct value from gso_type.\\nThis is already done for USO. Extend it to TSO. Let UFO be:\\nudp[46]_ufo_fragment ignores these fields and always computes the\\nchecksum in software.\\n\\ncsum_start: finding the real offset requires parsing to the transport\\nheader. Do not add a parser, use existing segmentation parsing. Thanks\\nto SKB_GSO_DODGY, that also catches bad packets that are hw offloaded.\\nAgain test both TSO and USO. Do not test UFO for the above reason, and\\ndo not test UDP tunnel offload.\\n\\nGSO packet are almost always CHECKSUM_PARTIAL. USO packets may be\\nCHECKSUM_NONE since commit 10154dbded6d6 (\\\"udp: Allow GSO transmit\\nfrom devices with no checksum offload\\\"), but then still these fields\\nare initialized correctly in udp4_hwcsum/udp6_hwcsum_outgoing. So no\\nneed to test for ip_summed == CHECKSUM_PARTIAL first.\\n\\nThis revises an existing fix mentioned in the Fixes tag, which broke\\nsmall packets with GSO offload, as detected by kselftests.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: net: elimine gso csum_start incorrecto y offset en virtio_net_hdr. Apriete las comprobaciones de csum_start y csum_offset en virtio_net_hdr_to_skb para paquetes GSO. La funci\\u00f3n ya comprueba que una suma de comprobaci\\u00f3n solicitada con VIRTIO_NET_HDR_F_NEEDS_CSUM est\\u00e9 en skb lineal. Pero para los paquetes OSG esto podr\\u00eda no ser v\\u00e1lido para los segmentos posteriores a la segmentaci\\u00f3n. Syzkaller demostr\\u00f3 alcanzar esta advertencia en skb_checksum_help offset = skb_checksum_start_offset(skb); ret = -EINVAL; if (WARN_ON_ONCE(offset \u0026gt;= skb_headlen(skb))) Al inyectar un paquete TSO: ADVERTENCIA: CPU: 1 PID: 3539 en net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0 ip_do_fragment+0x209/0x1b20 net/ipv4 /ip_output.c:774 ip_finish_output_gso net/ipv4/ip_output.c:279 [en l\\u00ednea] __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301 iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82 +0x2296 /0x2c70 net/ipv4/ip_tunnel.c:813 __gre_xmit net/ipv4/ip_gre.c:469 [en l\\u00ednea] ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661 __netdev_start_xmit include/linux/netdevice.h:4850 [en l\\u00ednea ] netdev_start_xmit include/linux/netdevice.h:4864 [en l\\u00ednea] xmit_one net/core/dev.c:3595 [en l\\u00ednea] dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611 __dev_queue_xmit+0x1b97/0x3c90 net/core/ dev.c:4261 paquete_snd net/packet/af_packet.c:3073 [en l\\u00ednea] La geometr\\u00eda del paquete de entrada incorrecto en tcp_gso_segment: [ 52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0 [ 52.003050] [ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244 [ 52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(tama\\u00f1o=1552 tipo=3 segs=0)) [ 52.003050][ T8403] csum(0x60000c7 start=199 offset=1536 ip_summed=3 complete_sw=0 valid=0 nivel=0) Mitigar con una validaci\\u00f3n de entrada m\\u00e1s estricta. csum_offset: para paquetes GSO, deduzca el valor correcto de gso_type. Esto ya est\\u00e1 hecho para la OSU. Ampliarlo a TSO. Sea UFO: udp[46]_ufo_fragment ignora estos campos y siempre calcula la suma de comprobaci\\u00f3n en el software. csum_start: encontrar el desplazamiento real requiere analizar el encabezado de transporte. No agregue un analizador, utilice el an\\u00e1lisis de segmentaci\\u00f3n existente. Gracias a SKB_GSO_DODGY, eso tambi\\u00e9n detecta paquetes defectuosos que se descargan correctamente. Nuevamente pruebe tanto TSO como USO. No pruebe UFO por el motivo anterior y no pruebe la descarga del t\\u00fanel UDP. Los paquetes OSG casi siempre son CHECKSUM_PARTIAL. Los paquetes USO pueden ser CHECKSUM_NONE desde el commit 10154dbded6d6 (\\\"udp: Permitir transmisi\\u00f3n GSO desde dispositivos sin descarga de suma de verificaci\\u00f3n\\\"), pero a\\u00fan as\\u00ed estos campos se inicializan correctamente en udp4_hwcsum/udp6_hwcsum_outgoing. Por lo tanto, no es necesario probar primero ip_summed == CHECKSUM_PARTIAL. Esto revisa una soluci\\u00f3n existente mencionada en la etiqueta Correcciones, que romp\\u00eda paquetes peque\\u00f1os con la descarga GSO, seg\\u00fan lo detectado por kselftests.\"}]",
      "id": "CVE-2024-43897",
      "lastModified": "2024-09-12T12:15:50.297",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-08-26T11:15:04.437",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/2edbb3e8838c672cd7e247e47989df9d03fc6668\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/413e785a89f8bde0d4156a54b8ac2fa003c06756\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/6772c4868a8e7ad5305957cdb834ce881793acb7\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/89add40066f9ed9abe5f7f886fe5789ff7e0c50e\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/f01c5e335fbb7fb612d40f14a3c02e2612a43d3b\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-43897\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-26T11:15:04.437\",\"lastModified\":\"2025-11-03T22:18:18.917\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: drop bad gso csum_start and offset in virtio_net_hdr\\n\\nTighten csum_start and csum_offset checks in virtio_net_hdr_to_skb\\nfor GSO packets.\\n\\nThe function already checks that a checksum requested with\\nVIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. But for GSO packets\\nthis might not hold for segs after segmentation.\\n\\nSyzkaller demonstrated to reach this warning in skb_checksum_help\\n\\n\\toffset = skb_checksum_start_offset(skb);\\n\\tret = -EINVAL;\\n\\tif (WARN_ON_ONCE(offset \u003e= skb_headlen(skb)))\\n\\nBy injecting a TSO packet:\\n\\nWARNING: CPU: 1 PID: 3539 at net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0\\n ip_do_fragment+0x209/0x1b20 net/ipv4/ip_output.c:774\\n ip_finish_output_gso net/ipv4/ip_output.c:279 [inline]\\n __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301\\n iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82\\n ip_tunnel_xmit+0x2296/0x2c70 net/ipv4/ip_tunnel.c:813\\n __gre_xmit net/ipv4/ip_gre.c:469 [inline]\\n ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661\\n __netdev_start_xmit include/linux/netdevice.h:4850 [inline]\\n netdev_start_xmit include/linux/netdevice.h:4864 [inline]\\n xmit_one net/core/dev.c:3595 [inline]\\n dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611\\n __dev_queue_xmit+0x1b97/0x3c90 net/core/dev.c:4261\\n packet_snd net/packet/af_packet.c:3073 [inline]\\n\\nThe geometry of the bad input packet at tcp_gso_segment:\\n\\n[   52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0\\n[   52.003050][ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244\\n[   52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(size=1552 type=3 segs=0))\\n[   52.003050][ T8403] csum(0x60000c7 start=199 offset=1536\\nip_summed=3 complete_sw=0 valid=0 level=0)\\n\\nMitigate with stricter input validation.\\n\\ncsum_offset: for GSO packets, deduce the correct value from gso_type.\\nThis is already done for USO. Extend it to TSO. Let UFO be:\\nudp[46]_ufo_fragment ignores these fields and always computes the\\nchecksum in software.\\n\\ncsum_start: finding the real offset requires parsing to the transport\\nheader. Do not add a parser, use existing segmentation parsing. Thanks\\nto SKB_GSO_DODGY, that also catches bad packets that are hw offloaded.\\nAgain test both TSO and USO. Do not test UFO for the above reason, and\\ndo not test UDP tunnel offload.\\n\\nGSO packet are almost always CHECKSUM_PARTIAL. USO packets may be\\nCHECKSUM_NONE since commit 10154dbded6d6 (\\\"udp: Allow GSO transmit\\nfrom devices with no checksum offload\\\"), but then still these fields\\nare initialized correctly in udp4_hwcsum/udp6_hwcsum_outgoing. So no\\nneed to test for ip_summed == CHECKSUM_PARTIAL first.\\n\\nThis revises an existing fix mentioned in the Fixes tag, which broke\\nsmall packets with GSO offload, as detected by kselftests.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: elimine gso csum_start incorrecto y offset en virtio_net_hdr. Apriete las comprobaciones de csum_start y csum_offset en virtio_net_hdr_to_skb para paquetes GSO. La funci\u00f3n ya comprueba que una suma de comprobaci\u00f3n solicitada con VIRTIO_NET_HDR_F_NEEDS_CSUM est\u00e9 en skb lineal. Pero para los paquetes OSG esto podr\u00eda no ser v\u00e1lido para los segmentos posteriores a la segmentaci\u00f3n. Syzkaller demostr\u00f3 alcanzar esta advertencia en skb_checksum_help offset = skb_checksum_start_offset(skb); ret = -EINVAL; if (WARN_ON_ONCE(offset \u0026gt;= skb_headlen(skb))) Al inyectar un paquete TSO: ADVERTENCIA: CPU: 1 PID: 3539 en net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0 ip_do_fragment+0x209/0x1b20 net/ipv4 /ip_output.c:774 ip_finish_output_gso net/ipv4/ip_output.c:279 [en l\u00ednea] __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301 iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82 +0x2296 /0x2c70 net/ipv4/ip_tunnel.c:813 __gre_xmit net/ipv4/ip_gre.c:469 [en l\u00ednea] ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661 __netdev_start_xmit include/linux/netdevice.h:4850 [en l\u00ednea ] netdev_start_xmit include/linux/netdevice.h:4864 [en l\u00ednea] xmit_one net/core/dev.c:3595 [en l\u00ednea] dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611 __dev_queue_xmit+0x1b97/0x3c90 net/core/ dev.c:4261 paquete_snd net/packet/af_packet.c:3073 [en l\u00ednea] La geometr\u00eda del paquete de entrada incorrecto en tcp_gso_segment: [ 52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0 [ 52.003050] [ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244 [ 52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(tama\u00f1o=1552 tipo=3 segs=0)) [ 52.003050][ T8403] csum(0x60000c7 start=199 offset=1536 ip_summed=3 complete_sw=0 valid=0 nivel=0) Mitigar con una validaci\u00f3n de entrada m\u00e1s estricta. csum_offset: para paquetes GSO, deduzca el valor correcto de gso_type. Esto ya est\u00e1 hecho para la OSU. Ampliarlo a TSO. Sea UFO: udp[46]_ufo_fragment ignora estos campos y siempre calcula la suma de comprobaci\u00f3n en el software. csum_start: encontrar el desplazamiento real requiere analizar el encabezado de transporte. No agregue un analizador, utilice el an\u00e1lisis de segmentaci\u00f3n existente. Gracias a SKB_GSO_DODGY, eso tambi\u00e9n detecta paquetes defectuosos que se descargan correctamente. Nuevamente pruebe tanto TSO como USO. No pruebe UFO por el motivo anterior y no pruebe la descarga del t\u00fanel UDP. Los paquetes OSG casi siempre son CHECKSUM_PARTIAL. Los paquetes USO pueden ser CHECKSUM_NONE desde el commit 10154dbded6d6 (\\\"udp: Permitir transmisi\u00f3n GSO desde dispositivos sin descarga de suma de verificaci\u00f3n\\\"), pero a\u00fan as\u00ed estos campos se inicializan correctamente en udp4_hwcsum/udp6_hwcsum_outgoing. Por lo tanto, no es necesario probar primero ip_summed == CHECKSUM_PARTIAL. Esto revisa una soluci\u00f3n existente mencionada en la etiqueta Correcciones, que romp\u00eda paquetes peque\u00f1os con la descarga GSO, seg\u00fan lo detectado por kselftests.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15.165\",\"versionEndExcluding\":\"6.1.107\",\"matchCriteriaId\":\"25C86ED2-0FD4-4A8A-9106-A059D760DE96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6.44\",\"versionEndExcluding\":\"6.6.46\",\"matchCriteriaId\":\"83875505-0CFF-44AD-A3E1-BE3F8B866F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.10.3\",\"versionEndExcluding\":\"6.10.5\",\"matchCriteriaId\":\"ECD67C7B-CA88-4F2B-B232-AE23DDFBA7D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B3CE743-2126-47A3-8B7C-822B502CF119\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2edbb3e8838c672cd7e247e47989df9d03fc6668\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/413e785a89f8bde0d4156a54b8ac2fa003c06756\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/6772c4868a8e7ad5305957cdb834ce881793acb7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/89add40066f9ed9abe5f7f886fe5789ff7e0c50e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f01c5e335fbb7fb612d40f14a3c02e2612a43d3b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T22:06:59.989Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43897\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:29:03.207414Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:15.309Z\"}}], \"cna\": {\"title\": \"net: drop bad gso csum_start and offset in virtio_net_hdr\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"27874ca77bd2b05a3779c7b3a5c75d8dd7f0b40f\", \"lessThan\": \"413e785a89f8bde0d4156a54b8ac2fa003c06756\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"5b1997487a3f3373b0f580c8a20b56c1b64b0775\", \"lessThan\": \"f01c5e335fbb7fb612d40f14a3c02e2612a43d3b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"90d41ebe0cd4635f6410471efc1dd71b33e894cf\", \"lessThan\": \"6772c4868a8e7ad5305957cdb834ce881793acb7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"e9164903b8b303c34723177b02fe91e49e3c4cd7\", \"lessThan\": \"2edbb3e8838c672cd7e247e47989df9d03fc6668\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"e269d79c7d35aa3808b1f3c1737d63dab504ddc8\", \"lessThan\": \"89add40066f9ed9abe5f7f886fe5789ff7e0c50e\", \"versionType\": \"git\"}], \"programFiles\": [\"include/linux/virtio_net.h\", \"net/ipv4/tcp_offload.c\", \"net/ipv4/udp_offload.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.15.165\", \"lessThan\": \"5.15.167\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"6.1.103\", \"lessThan\": \"6.1.107\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"6.6.44\", \"lessThan\": \"6.6.46\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"6.10.3\", \"lessThan\": \"6.10.5\", \"versionType\": \"semver\"}], \"programFiles\": [\"include/linux/virtio_net.h\", \"net/ipv4/tcp_offload.c\", \"net/ipv4/udp_offload.c\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/413e785a89f8bde0d4156a54b8ac2fa003c06756\"}, {\"url\": \"https://git.kernel.org/stable/c/f01c5e335fbb7fb612d40f14a3c02e2612a43d3b\"}, {\"url\": \"https://git.kernel.org/stable/c/6772c4868a8e7ad5305957cdb834ce881793acb7\"}, {\"url\": \"https://git.kernel.org/stable/c/2edbb3e8838c672cd7e247e47989df9d03fc6668\"}, {\"url\": \"https://git.kernel.org/stable/c/89add40066f9ed9abe5f7f886fe5789ff7e0c50e\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: drop bad gso csum_start and offset in virtio_net_hdr\\n\\nTighten csum_start and csum_offset checks in virtio_net_hdr_to_skb\\nfor GSO packets.\\n\\nThe function already checks that a checksum requested with\\nVIRTIO_NET_HDR_F_NEEDS_CSUM is in skb linear. But for GSO packets\\nthis might not hold for segs after segmentation.\\n\\nSyzkaller demonstrated to reach this warning in skb_checksum_help\\n\\n\\toffset = skb_checksum_start_offset(skb);\\n\\tret = -EINVAL;\\n\\tif (WARN_ON_ONCE(offset \u003e= skb_headlen(skb)))\\n\\nBy injecting a TSO packet:\\n\\nWARNING: CPU: 1 PID: 3539 at net/core/dev.c:3284 skb_checksum_help+0x3d0/0x5b0\\n ip_do_fragment+0x209/0x1b20 net/ipv4/ip_output.c:774\\n ip_finish_output_gso net/ipv4/ip_output.c:279 [inline]\\n __ip_finish_output+0x2bd/0x4b0 net/ipv4/ip_output.c:301\\n iptunnel_xmit+0x50c/0x930 net/ipv4/ip_tunnel_core.c:82\\n ip_tunnel_xmit+0x2296/0x2c70 net/ipv4/ip_tunnel.c:813\\n __gre_xmit net/ipv4/ip_gre.c:469 [inline]\\n ipgre_xmit+0x759/0xa60 net/ipv4/ip_gre.c:661\\n __netdev_start_xmit include/linux/netdevice.h:4850 [inline]\\n netdev_start_xmit include/linux/netdevice.h:4864 [inline]\\n xmit_one net/core/dev.c:3595 [inline]\\n dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3611\\n __dev_queue_xmit+0x1b97/0x3c90 net/core/dev.c:4261\\n packet_snd net/packet/af_packet.c:3073 [inline]\\n\\nThe geometry of the bad input packet at tcp_gso_segment:\\n\\n[   52.003050][ T8403] skb len=12202 headroom=244 headlen=12093 tailroom=0\\n[   52.003050][ T8403] mac=(168,24) mac_len=24 net=(192,52) trans=244\\n[   52.003050][ T8403] shinfo(txflags=0 nr_frags=1 gso(size=1552 type=3 segs=0))\\n[   52.003050][ T8403] csum(0x60000c7 start=199 offset=1536\\nip_summed=3 complete_sw=0 valid=0 level=0)\\n\\nMitigate with stricter input validation.\\n\\ncsum_offset: for GSO packets, deduce the correct value from gso_type.\\nThis is already done for USO. Extend it to TSO. Let UFO be:\\nudp[46]_ufo_fragment ignores these fields and always computes the\\nchecksum in software.\\n\\ncsum_start: finding the real offset requires parsing to the transport\\nheader. Do not add a parser, use existing segmentation parsing. Thanks\\nto SKB_GSO_DODGY, that also catches bad packets that are hw offloaded.\\nAgain test both TSO and USO. Do not test UFO for the above reason, and\\ndo not test UDP tunnel offload.\\n\\nGSO packet are almost always CHECKSUM_PARTIAL. USO packets may be\\nCHECKSUM_NONE since commit 10154dbded6d6 (\\\"udp: Allow GSO transmit\\nfrom devices with no checksum offload\\\"), but then still these fields\\nare initialized correctly in udp4_hwcsum/udp6_hwcsum_outgoing. So no\\nneed to test for ip_summed == CHECKSUM_PARTIAL first.\\n\\nThis revises an existing fix mentioned in the Fixes tag, which broke\\nsmall packets with GSO offload, as detected by kselftests.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.167\", \"versionStartIncluding\": \"5.15.165\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.107\", \"versionStartIncluding\": \"6.1.103\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.46\", \"versionStartIncluding\": \"6.6.44\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.10.5\", \"versionStartIncluding\": \"6.10.3\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T20:31:54.698Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-43897\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T20:31:54.698Z\", \"dateReserved\": \"2024-08-17T09:11:59.291Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-08-26T10:10:53.972Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.