CVE-2024-50251

MEDIUM

Linux kernel - Buffer Overflow

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.

Exploits (1)

nomisec WORKING POC 2 stars
by slavin-ayu · poc
https://github.com/slavin-ayu/CVE-2024-50251-PoC

References (11)

Scores

CVSS v3 6.2
EPSS 0.0030
EPSS Percentile 53.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Status published
Products (9)
linux/Kernel 4.20.0 - 5.4.285linux
linux/Kernel 4.5.0 - 4.19.323linux
linux/Kernel 5.11.0 - 5.15.171linux
linux/Kernel 5.16.0 - 6.1.116linux
linux/Kernel 5.5.0 - 5.10.229linux
linux/Kernel 6.2.0 - 6.6.60linux
linux/Kernel 6.7.0 - 6.11.7linux
linux/linux_kernel 6.12 rc1 (5 CPE variants)
linux/linux_kernel 4.5 - 4.19.323
Published Nov 09, 2024
Tracked Since Feb 18, 2026