CVE-2024-1151

CVSS V2 None CVSS V3 None

Description

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.

Overview

CVE ID
CVE-2024-1151

Assigner
redhat

Vulnerability Status
PUBLISHED

Published Version
2024-02-11T14:29:48.797Z

Last Modified Date
2024-04-18T19:07:37.880Z

Weakness Enumerations

CWE	URL
CWE-121	http://cwe.mitre.org/data/definitions/121.html

References

Reference URL	Reference Tags
https://access.redhat.com/security/cve/CVE-2024-1151	vdb-entry x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2262241	issue-tracking x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3LZROQAX7Q7LEP4F7WQ3KUZKWCZGFFP2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GS7S3XLTLOUKBXV67LLFZWB3YVFJZHRK/
https://lore.kernel.org/all/20240207132416.1488485-1-aconole@redhat.com/

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-1151
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1151

History

Created	Old Value	New Value	Data Type	Notes
2024-06-26 05:35:58				Added to TrackCVE