Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2].
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.13, < 5.4.282 |
References
- https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2Patch
- https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dcPatch
- https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cfPatch
- https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473aPatch
- https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733Patch
- https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0bePatch
- https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33aa27028Patch
- https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html
- https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
FAQ
What is CVE-2024-42281?
CVE-2024-42281 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() l...
How severe is CVE-2024-42281?
CVE-2024-42281 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-42281?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.