PT-2024-21522 · Linux+8 · Linux Kernel+8

Published

2024-04-17

·

Updated

2026-03-14

·

CVE-2024-26830

CVSS v3.1

6.3

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the i40e driver in the Linux kernel, where an untrusted Virtual Function (VF) can remove a Media Access Control (MAC) address that was set administratively by the Physical Function (PF). This occurs when the VF is put down and attempts to delete all MACs, resulting in the removal of the MAC from MAC filters and the zeroing of the primary VF MAC. The vulnerability can be reproduced by creating a VF, setting the VF interface up, administratively setting the VF's MAC, and then putting the VF interface down.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2025_16880
AZL-59445
BDU:2025-13313
CESA-2024_3138
CVE-2024-26830
OPENSUSE-SU-2024_1644-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
RHSA-2024:10941
RHSA-2024:2394
RHSA-2024:3138
RHSA-2024:8161
RHSA-2024_2394
RHSA-2024_3138
RHSA-2025:0063
RHSA-2025:0064
SUSE-SU-2024:1644-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:2892-1
SUSE-SU-2024:2901-1
SUSE-SU-2024:2940-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6900-1
USN-6973-1
USN-6973-2
USN-6973-3
USN-6973-4
USN-6974-1
USN-6974-2
USN-7006-1
USN-7019-1

Affected Products

Astra Linux
Centos
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu