PT-2024-34084 · Linux+9 · Linux Kernel+9

Slavin Liu

·

Published

2024-10-30

·

Updated

2025-10-03

·

CVE-2024-50251

CVSS v3.1

6.2

Medium

VectorAV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61
Description: A vulnerability has been resolved in the Linux kernel, specifically in the netfilter: nft payload module. The issue arises when the skb checksum() function is called with an offset and length that exceed the skbuff length, triggering a BUG ON() error. The skb checksum() function internally subtracts the length parameter while iterating over the skbuff and checks that the expected length is fully consumed at the end.
Recommendations: For Linux kernel versions prior to 6.6.61, update to version 6.6.61 or later to resolve the issue. As a temporary workaround, consider restricting access to the nft payload module until a patch is available. Avoid using the skb checksum() function with unvalidated offset and length parameters in the affected API endpoints until the issue is resolved.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2024:10939
ALSA-2024_10939
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-15739
ALT-PU-2024-16040
ALT-PU-2024-16172
ALT-PU-2024-17099
ALT-PU-2024-17211
ALT-PU-2024-17891
ALT-PU-2025-12647
AZL-53277
AZL-53328
BDU:2025-04330
CVE-2024-50251
DLA-4008-1
DLA-4075-1
DSA-5818-1
INFSA-2024_10939
MGASA-2024-0368
MGASA-2024-0369
OESA-2024-2570
OESA-2025-1078
OPENSUSE-SU-2024:14500-1
OPENSUSE-SU-2025:14705-1
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0557-1
RHSA-2024:10939
RHSA-2024_10939
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0564-1
SUSE-SU-2025:0834-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
SUSE-SU-2025_0834-1
USN-7276-1
USN-7277-1
USN-7288-1
USN-7288-2
USN-7289-1
USN-7289-2
USN-7289-3
USN-7289-4
USN-7291-1
USN-7293-1
USN-7294-1
USN-7294-2
USN-7294-3
USN-7294-4
USN-7295-1
USN-7305-1
USN-7308-1
USN-7310-1
USN-7331-1
USN-7388-1
USN-7389-1
USN-7390-1
USN-7393-1
USN-7401-1
USN-7413-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu