CVE-2024-11614

HIGH

DPDK Vhost < unknown - Memory Corruption

Description

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.

References (14)

Core References
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2327955
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0208
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0209
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0210
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0211
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0220
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0221
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:0222
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:3963
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:3964
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:3965
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:3970
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2024-11614

Scores

CVSS v3 7.4
EPSS 0.0021
EPSS Percentile 42.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-125
Status published
Products (17)
Red Hat/Fast Datapath for Red Hat Enterprise Linux 8 0:3.1.0-159.el8fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9 0:3.1.0-149.el9fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9 0:3.3.0-92.el9fdp
Red Hat/Fast Datapath for Red Hat Enterprise Linux 9 0:3.4.0-48.el9fdp
Red Hat/Fast Datapath for RHEL 7
Red Hat/Fast Datapath for RHEL 8
Red Hat/Fast Datapath for RHEL 9
Red Hat/Red Hat Enterprise Linux 8 0:23.11-2.el8_10
Red Hat/Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 0:21.11-3.el8_6
Red Hat/Red Hat Enterprise Linux 8.6 Telecommunications Update Service 0:21.11-3.el8_6
... and 7 more
Published Dec 18, 2024
Tracked Since Feb 18, 2026