PT-2025-3593 · Linux+5 · Linux Kernel+5

Si-Wei Liu

Published

2024-11-05

Updated

2026-05-26

CVE-2024-57843

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74

Description The issue is related to an overflow inside virtnet rq alloc in the virtio-net component. This occurs when a frag just got a page and the sysctl net.core.high order alloc disable value is 1, leading to reliable crashes or scp failure when transferring large files to a VM. The problem arises because virtnet rq dma takes up 16 bytes at the beginning of a new frag, causing an overflow when the frag size is only one page and the total size of the buffer and virtnet rq dma exceeds one page.

Recommendations For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider adjusting the sysctl net.core.high order alloc disable value to 0 to minimize the risk of exploitation. Restrict access to the virtio-net component to minimize the risk of crashes or scp failures until the issue is resolved.

Exploit

Fix

DoS

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-131CWE-191

Related Identifiers

ALT-PU-2025-12647

AZL-67779

BDU:2026-01415

CVE-2024-57843

ECHO-87DA-D7CC-A069

INFSA-2025_6966

MGASA-2025-0030

MGASA-2025-0032

RHSA-2025:6966

RHSA-2025_6966

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Debian

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2025-3593 · Linux+5 · Linux Kernel+5

CVE-2024-57843

Weakness Enumeration

Related Identifiers

Affected Products

References · 1010