CVSS3

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
AI Score Confidence | High |
EPSS Percentile | 5.1% |

In the Linux kernel, the following vulnerability has been resolved:

tun: limit printing rate when illegal packet received by tun dev

vhost_worker will call tun callbacks to receive packets. If too many illegal packets arrive, tun_do_read will keep dumping packet contents. When console is enabled, it will cost much more cpu time to dump packet and soft lockup will be detected.

net_ratelimit mechanism can be used to limit the dumping rate.

```
PID: 33036    TASK: ffff949da6f20000  CPU: 23   COMMAND: "vhost-32980"
 #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253
 #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3
 #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e
 #3 [fffffe00003fced0] do_nmi at ffffffff8922660d
 #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663
    [exception RIP: io_serial_in+20]
    RIP: ffffffff89792594  RSP: ffffa655314979e8  RFLAGS: 00000002
    RAX: ffffffff89792500  RBX: ffffffff8af428a0  RCX: 0000000000000000
    RDX: 00000000000003fd  RSI: 0000000000000005  RDI: ffffffff8af428a0
    RBP: 0000000000002710   R8: 0000000000000004   R9: 000000000000000f
    R10: 0000000000000000  R11: ffffffff8acbf64f  R12: 0000000000000020
    R13: ffffffff8acbf698  R14: 0000000000000058  R15: 0000000000000000
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
 #5 [ffffa655314979e8] io_serial_in at ffffffff89792594
 #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470
 #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6
 #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605
 #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558
#10 [ffffa65531497ac8] console_unlock at ffffffff89316124
#11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07
#12 [ffffa65531497b68] printk at ffffffff89318306
#13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765
#14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]
#15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]
#16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]
#17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]
#18 [ffffa65531497f10] kthread at ffffffff892d2e72
#19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f
```

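
A user-space model of the windowed rate limit the fix relies on, as an added example (not the kernel's code and not the patch itself): at most `burst` dumps are allowed per interval, and the rest are dropped. The struct, the function names, the simulated flood and the 10-per-5-seconds setting (chosen to match the kernel's default `net_ratelimit` values) are assumptions of this sketch.

```c
#include <stdio.h>

/* Hypothetical user-space model of a windowed rate limiter (not kernel code). */
struct ratelimit {
    long interval_ms;  /* window length */
    int  burst;        /* events allowed per window */
    long begin_ms;     /* start of the current window */
    int  printed;      /* events allowed so far in this window */
    long missed;       /* events suppressed in this window */
};

/* Returns 1 if the caller may log now, 0 if the message must be dropped. */
static int ratelimit_ok(struct ratelimit *rl, long now_ms)
{
    if (now_ms - rl->begin_ms >= rl->interval_ms) {
        rl->begin_ms = now_ms;   /* new window: reset counters */
        rl->printed = 0;
        rl->missed = 0;
    }
    if (rl->printed < rl->burst) {
        rl->printed++;
        return 1;
    }
    rl->missed++;
    return 0;
}

/* Simulate a flood of malformed packets, one every gap_ms, for duration_ms.
 * Returns how many hex dumps would reach the console. */
static long simulate_flood(long duration_ms, long gap_ms, int limited)
{
    struct ratelimit rl = { 5000, 10, 0, 0, 0 };  /* assumed: 10 per 5 s */
    long dumps = 0;

    for (long t = 0; t < duration_ms; t += gap_ms) {
        if (!limited || ratelimit_ok(&rl, t))
            dumps++;   /* stands in for the expensive packet dump */
    }
    return dumps;
}

int main(void)
{
    /* Constructed input: one bad packet per millisecond for 20 seconds. */
    printf("unlimited: %ld dumps\n", simulate_flood(20000, 1, 0));
    printf("limited:   %ld dumps\n", simulate_flood(20000, 1, 1));
    return 0;
}
```

Without the limiter every malformed packet costs a console write in the receive path; with it, the cost is bounded per window regardless of how fast packets arrive.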
OS | OS Version | Architecture | Package | Affected Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < 4.15.0-227.239 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-189.209 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-116.126 | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < 6.8.0-38.38 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1170.183 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1128.138 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1065.71 | UNKNOWN |
ubuntu | 24.04 | noarch | linux-aws | < 6.8.0-1011.12 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1065.71~20.04.1 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
git.kernel.org/linus/f8bbc07ac535593139c875ffa19af924b1084540 (6.9-rc5)
git.kernel.org/stable/c/40f4ced305c6c47487d3cd8da54676e2acc1a6ad
git.kernel.org/stable/c/52854101180beccdb9dc2077a3bea31b6ad48dfa
git.kernel.org/stable/c/62e27ef18eb4f0d33bbae8e9ef56b99696a74713
git.kernel.org/stable/c/a50dbeca28acf7051dfa92786b85f704c75db6eb
git.kernel.org/stable/c/f8bbc07ac535593139c875ffa19af924b1084540
launchpad.net/bugs/cve/CVE-2024-27013
nvd.nist.gov/vuln/detail/CVE-2024-27013
security-tracker.debian.org/tracker/CVE-2024-27013
ubuntu.com/security/notices/USN-6893-1
ubuntu.com/security/notices/USN-6893-2
ubuntu.com/security/notices/USN-6893-3
ubuntu.com/security/notices/USN-6896-1
ubuntu.com/security/notices/USN-6896-2
ubuntu.com/security/notices/USN-6896-3
ubuntu.com/security/notices/USN-6896-4
ubuntu.com/security/notices/USN-6896-5
ubuntu.com/security/notices/USN-6898-1
ubuntu.com/security/notices/USN-6898-2
ubuntu.com/security/notices/USN-6898-3
ubuntu.com/security/notices/USN-6898-4
ubuntu.com/security/notices/USN-6917-1
ubuntu.com/security/notices/USN-6918-1
ubuntu.com/security/notices/USN-6919-1
ubuntu.com/security/notices/USN-6926-1
www.cve.org/CVERecord?id=CVE-2024-27013