CVE-2024-27015

netfilter: flowtable: incorrect pppoe tuple

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

netfilter: flowtable: incorrect pppoe tuple

pppoe traffic reaching ingress path does not match the flowtable entry
because the pppoe header is expected to be at the network header offset.
This bug causes a mismatch in the flow table lookup, so pppoe packets
enter the classical forwarding path.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: tabla de flujo: tupla de pppoe incorrecta. El tráfico de pppoe que llega a la ruta de entrada no coincide con la entrada de la tabla de flujo porque se espera que el encabezado de pppoe esté en el desplazamiento del encabezado de red. Este error provoca una discrepancia en la búsqueda de la tabla de flujo, por lo que los paquetes pppoe ingresan a la ruta de reenvío clásica.

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-05-01 CVE Published
2024-05-24 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/72efd585f7144a047f7da63864284764596ccad9	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/e719b52d0c56989b0f3475a03a6d64f182c85b56	2024-04-27
https://git.kernel.org/stable/c/f1c3c61701a0b12f4906152c1626a5de580ea3d2	2024-04-27
https://git.kernel.org/stable/c/4ed82dd368ad883dc4284292937b882f044e625d	2024-04-27
https://git.kernel.org/stable/c/e3f078103421642fcd5f05c5e70777feb10f000d	2024-04-27
https://git.kernel.org/stable/c/6db5dc7b351b9569940cd1cf445e237c42cd6d27	2024-04-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.13 < 5.15.157 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 5.15.157"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.13 < 6.1.88 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.1.88"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.13 < 6.6.29 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.6.29"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.13 < 6.8.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.8.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.13 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.13 < 6.9"		en		Affected