PT-2024-29260 · Linux+9 · Linux Kernel+9
Si-Wei Liu · Published 2024-07-24 · Updated 2026-01-12 · CVE-2024-41090
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability in the Linux kernel has been resolved. It affects the tap_get_user_xdp() path, where a missing check for short frames could cause a corrupted skb to be sent downstack. This could lead to out-of-bounds access beyond the actual frame length, or confuse the underlying layer with an incorrect or inconsistent header length in the skb metadata. The alternative path, tap_get_user(), already prohibits frames shorter than the Ethernet header size from being transmitted.
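The short-frame check described above, as an added user-space illustration (not the kernel patch and not code from this advisory). The `frame_view` and `frame_meta` types, the function names and the sample frames are hypothetical and constructed for the example; only the 14-byte Ethernet header size is taken as given.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ETH_HLEN 14 /* Ethernet header: 6 dst + 6 src + 2 EtherType */

/* Hypothetical stand-in for the frame bounds the tap XDP path receives. */
struct frame_view { const uint8_t *data, *data_end; };

/* Hypothetical model of the length fields carried in skb metadata. */
struct frame_meta { size_t total_len, mac_len; uint16_t ethertype; };

/* Constructed samples: a 6-byte runt and an 18-byte IPv4-typed frame. */
static const uint8_t SHORT_FRAME[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
static const uint8_t FULL_FRAME[18] = {
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff,  /* destination MAC */
    0x02, 0x00, 0x00, 0x00, 0x00, 0x01,  /* source MAC */
    0x08, 0x00, 0xde, 0xad, 0xbe, 0xef }; /* EtherType 0x0800, then payload */

/* Header length must never exceed the bytes actually present. */
int meta_is_consistent(size_t total_len, size_t mac_len)
{
    return mac_len <= total_len;
}

/* Returns 0 and fills *m, or -EINVAL if no full Ethernet header fits. */
int frame_parse_checked(const struct frame_view *f, struct frame_meta *m)
{
    if (f->data_end < f->data)
        return -EINVAL;
    size_t len = (size_t)(f->data_end - f->data);
    if (len < ETH_HLEN) /* the short-frame check: reject before any header read */
        return -EINVAL;
    m->total_len = len;
    m->mac_len = ETH_HLEN;
    m->ethertype = (uint16_t)((f->data[12] << 8) | f->data[13]);
    return 0;
}

int main(void)
{
    struct frame_meta m;
    struct frame_view runt = { SHORT_FRAME, SHORT_FRAME + sizeof SHORT_FRAME };
    struct frame_view good = { FULL_FRAME, FULL_FRAME + sizeof FULL_FRAME };
    printf("runt=%d good=%d\n", frame_parse_checked(&runt, &m),
           frame_parse_checked(&good, &m));
    return 0;
}
```

Without the length check, the 6-byte frame would be recorded with a 14-byte header length, which is the inconsistent metadata the description refers to.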
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Out of bounds Read
RCE
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu