Описание
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
A flaw was found in igb_configure_rx_ring in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue.
Отчет
This flaw is rated as Important because of its nature of exposure to the threat of impacting Confidentiality, Integrity and Availability by an attacker while being in an adjacent physical layer with no privilege required.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2024:1332 | 14.03.2024 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2024:1249 | 12.03.2024 |
| Red Hat Enterprise Linux 7 | kpatch-patch | Fixed | RHSA-2024:1323 | 13.03.2024 |
| Red Hat Enterprise Linux 7.6 Advanced Update Support(Disable again in 2026 - SPRHEL-7118) | kernel | Fixed | RHSA-2024:0980 | 26.02.2024 |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | kernel | Fixed | RHSA-2024:0999 | 27.02.2024 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:0881 | 20.02.2024 |
| Red Hat Enterprise Linux 8 | kpatch-patch | Fixed | RHSA-2024:0876 | 20.02.2024 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:0897 | 20.02.2024 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c i ...
An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU.
Уязвимость функции igb_set_rx_buffer_len() в модуле drivers/net/ethernet/intel/igb/igb_main.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации.
7.5 High
CVSS3