Linux · Linux Kernel · CVE-2024-26853
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The vulnerability is related to the igc driver in the Linux kernel, specifically with the XDP REDIRECT feature. When a frame cannot be transmitted due to a full queue, it is necessary to free it by calling xdp return frame rx napi. However, this is the responsibility of the caller of the ndo xdp xmit, and calling it inside igc xdp xmit will lead to memory corruption. The memory corruption can be reproduced with a script that generates more traffic than a i225 NIC can transmit and pushes it via XDP REDIRECT from a virtual interface to the physical interface where frames get dropped.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.