PT-2024-33789 · Linux+3 · Linux Kernel+3

Published

2024-10-21

·

Updated

2025-06-06

·

CVE-2024-49947

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58
Description: A vulnerability has been resolved in the Linux kernel related to the virtio net hdr to skb() function. The issue allowed a malicious packet to be injected through af packet, setting skb->csum start and thus the transport header to an incorrect value. This could potentially lead to security issues. The vulnerability was triggered by syzbot, which injected a malicious packet and set the transport header to an incorrect value.
Recommendations: To resolve the issue, update the Linux kernel to version 6.6.58 or later. As a temporary workaround, consider restricting access to the af packet interface to minimize the risk of exploitation. Additionally, ensure that all network packets are properly validated and sanitized before processing to prevent potential security issues.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-07991
CVE-2024-49947
MGASA-2024-0344
MGASA-2024-0345
OESA-2025-1594
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2024_3984-1
OPENSUSE-SU-2024_3986-1
OPENSUSE-SU-2024_4315-1
OPENSUSE-SU-2024_4376-1
OPENSUSE-SU-2025:14705-1
SUSE-SU-2024:3984-1
SUSE-SU-2024:3986-1
SUSE-SU-2024:4315-1
SUSE-SU-2024:4318-1
SUSE-SU-2024:4364-1
SUSE-SU-2024:4376-1
SUSE-SU-2024:4387-1
SUSE-SU-2025:20163-1
SUSE-SU-2025:20164-1
SUSE-SU-2025:20246-1
SUSE-SU-2025:20247-1
USN-7276-1
USN-7277-1
USN-7301-1
USN-7303-1
USN-7303-2
USN-7303-3
USN-7304-1
USN-7310-1
USN-7311-1
USN-7384-1
USN-7384-2
USN-7385-1
USN-7386-1
USN-7403-1

Affected Products

Linuxmint
Linux Kernel
Suse
Ubuntu