CVE-2024-26665

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.8.0-rc1+

Description The issue is related to an out-of-bounds access when building an IPv6 PMTU error in the Linux kernel. This occurs when the ICMPv6 error is built from a non-linear skb, resulting in a slab-out-of-bounds error in the do csum function. The csum partial function is unable to handle non-linear SKBs, leading to this issue. The skb tunnel check pmtu, vxlan xmit one, vxlan xmit, dev hard start xmit, dev queue xmit, and br dev queue push xmit functions are involved in the error path. To resolve this, skb checksum should be used instead of csum partial.

Recommendations To fix the issue, update the Linux kernel to a version that includes the fix for the out-of-bounds access when building IPv6 PMTU errors. As a temporary workaround, consider disabling the vxlan xmit function until a patch is available. Restrict access to the skb tunnel check pmtu function to minimize the risk of exploitation. Avoid using the csum partial function in the affected API endpoints until the issue is resolved.