github - ghsa-9gh2-p9fc-q3cr

ghsa-9gh2-p9fc-q3cr

Vulnerability from github

Published

2024-04-02 09:30

Modified

2024-04-02 09:30

Details

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix delayed ACKs to not set the reference serial number

Fix the construction of delayed ACKs to not set the reference serial number as they can't be used as an RTT reference.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-26677"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-02T07:15:44Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix delayed ACKs to not set the reference serial number\n\nFix the construction of delayed ACKs to not set the reference serial number\nas they can\u0027t be used as an RTT reference.",
  "id": "GHSA-9gh2-p9fc-q3cr",
  "modified": "2024-04-02T09:30:41Z",
  "published": "2024-04-02T09:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26677"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2024-26677

Vulnerability from cvelistv5

Published

2024-04-02 07:01

Modified

2024-08-02 00:14

Severity ?

Summary

rxrpc: Fix delayed ACKs to not set the reference serial number

References

▼	URL	Tags
	https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2
	https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae
	https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26677",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-02T14:58:11.213319Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:49:09.299Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:14:12.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/rxrpc/ar-internal.h",
            "net/rxrpc/call_event.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "200cb50b9e15",
              "status": "affected",
              "version": "17926a79320a",
              "versionType": "git"
            },
            {
              "lessThan": "63719f490e6a",
              "status": "affected",
              "version": "17926a79320a",
              "versionType": "git"
            },
            {
              "lessThan": "e7870cf13d20",
              "status": "affected",
              "version": "17926a79320a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/rxrpc/ar-internal.h",
            "net/rxrpc/call_event.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.22"
            },
            {
              "lessThan": "2.6.22",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.17",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.5",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix delayed ACKs to not set the reference serial number\n\nFix the construction of delayed ACKs to not set the reference serial number\nas they can\u0027t be used as an RTT reference."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-29T05:20:40.110Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"
        },
        {
          "url": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"
        }
      ],
      "title": "rxrpc: Fix delayed ACKs to not set the reference serial number",
      "x_generator": {
        "engine": "bippy-a5840b7849dd"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26677",
    "datePublished": "2024-04-02T07:01:41.569Z",
    "dateReserved": "2024-02-19T14:20:24.151Z",
    "dateUpdated": "2024-08-02T00:14:12.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.