gsd - gsd-2024-26677

gsd-2024-26677

Vulnerability from gsd

Modified

2024-02-20 06:02

Details

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construction of delayed ACKs to not set the reference serial number as they can't be used as an RTT reference.

Aliases

CVE-2024-26677

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-26677"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix delayed ACKs to not set the reference serial number\n\nFix the construction of delayed ACKs to not set the reference serial number\nas they can\u0027t be used as an RTT reference.",
      "id": "GSD-2024-26677",
      "modified": "2024-02-20T06:02:29.116133Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2024-26677",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "17926a79320a",
                          "version_value": "200cb50b9e15"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "2.6.22"
                              },
                              {
                                "lessThan": "2.6.22",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.6.*",
                                "status": "unaffected",
                                "version": "6.6.17",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.7.*",
                                "status": "unaffected",
                                "version": "6.7.5",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "6.8",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix delayed ACKs to not set the reference serial number\n\nFix the construction of delayed ACKs to not set the reference serial number\nas they can\u0027t be used as an RTT reference."
          }
        ]
      },
      "generator": {
        "engine": "bippy-b4257b672505"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"
          },
          {
            "name": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"
          },
          {
            "name": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix delayed ACKs to not set the reference serial number\n\nFix the construction of delayed ACKs to not set the reference serial number\nas they can\u0027t be used as an RTT reference."
          },
          {
            "lang": "es",
            "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: rxrpc: corrige los ACK retrasados para no establecer el n\u00famero de serie de referencia. Se corrige la construcci\u00f3n de los ACK retrasados para no establecer el n\u00famero de serie de referencia, ya que no se pueden usar como referencia RTT."
          }
        ],
        "id": "CVE-2024-26677",
        "lastModified": "2024-04-02T12:50:42.233",
        "metrics": {},
        "published": "2024-04-02T07:15:44.237",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}

cve-2024-26677

Vulnerability from cvelistv5

Published

2024-04-02 07:01

Modified

2024-08-02 00:14

Severity ?

Summary

rxrpc: Fix delayed ACKs to not set the reference serial number

References

▼	URL	Tags
	https://git.kernel.org/stable/c/200cb50b9e154434470c8969d32474d38475acc2
	https://git.kernel.org/stable/c/63719f490e6a89896e9a463d2b45e8203eab23ae
	https://git.kernel.org/stable/c/e7870cf13d20f56bfc19f9c3e89707c69cf104ef

Impacted products

▼	Vendor	Product
	Linux	Linux
	Linux	Linux

Show details on NVD website