CVE-2024-50251

MEDIUM EPSS 40.7%
Published Nov 9, 20241y ago · Modified Jun 17, 20261w ago
6.2 CVSS 3.1
Medium
Find Similar
Published Nov 9, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.

CVSS Details

Base Score
6.2
Exploitability
2.5
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
40.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥4.5  –  <4.19.323
linuxlinux_kernel*≥4.20  –  <5.4.285
linuxlinux_kernel*≥5.5  –  <5.10.229
linuxlinux_kernel*≥5.11  –  <5.15.171
linuxlinux_kernel*≥5.16  –  <6.1.116
linuxlinux_kernel*≥6.2  –  <6.6.60
linuxlinux_kernel*≥6.7  –  <6.11.7
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any

References 14

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-355557.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-398330.html
  • git.kernel.org https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02
    Patch
  • github.com https://github.com/slavin-ayu/CVE-2024-50251-PoC
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02
    Patch