CVE-2024-27015

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow table lookup, so pppoe packets enter the classical forwarding path.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

History

21 Nov 2024, 09:03

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d - Patch () https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d - Patch
References () https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27 - Patch () https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27 - Patch
References () https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d - Patch () https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d - Patch
References () https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56 - Patch () https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56 - Patch
References () https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2 - Patch () https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2 - Patch

23 May 2024, 19:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
First Time Fedoraproject
Fedoraproject fedora
Linux linux Kernel
Linux
CWE NVD-CWE-noinfo
References () https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d - () https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d - Patch
References () https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27 - () https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27 - Patch
References () https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d - () https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d - Patch
References () https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56 - () https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56 - Patch
References () https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2 - () https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2 - Patch

13 May 2024, 08:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/', 'source': '416baaa9-dc9f-4396-8d5f-8c081fb06d67'}

03 May 2024, 03:16

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: tabla de flujo: tupla de pppoe incorrecta. El tráfico de pppoe que llega a la ruta de entrada no coincide con la entrada de la tabla de flujo porque se espera que el encabezado de pppoe esté en el desplazamiento del encabezado de red. Este error provoca una discrepancia en la búsqueda de la tabla de flujo, por lo que los paquetes pppoe ingresan a la ruta de reenvío clásica.
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/ -

01 May 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-01 06:15

Updated : 2024-11-21 09:03


NVD link : CVE-2024-27015

Mitre link : CVE-2024-27015

CVE.ORG link : CVE-2024-27015


JSON object : View

Products Affected

linux

  • linux_kernel

fedoraproject

  • fedora