Bug 2278266 (CVE-2024-27015)

Summary: CVE-2024-27015 kernel: netfilter: flowtable: incorrect pppoe tuple
Product: [Other] Security Response Reporter: Zack Miele <zmiele>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: acaringi, allarkin, aquini, bhu, chwhite, cye, cyin, dbohanno, debarbos, dfreiber, drow, dvlasenk, esandeen, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, ldoskova, lgoncalv, lzampier, mleitner, mmilgram, mstowell, nmurray, psutter, ptalbert, rparrazo, rrobaina, rvrbovsk, rysulliv, scweaver, sidakwo, sukulkar, tglozar, tyberry, vkumar, wcosta, williams, wmealing, ycote, ykopkova, zhijwang
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel 5.15.157, kernel 6.1.88, kernel 6.6.29, kernel 6.8.8, kernel 6.9-rc5 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2278267    
Bug Blocks: 2278552    

Description Zack Miele 2024-05-01 18:29:39 UTC 
In the Linux kernel, the following vulnerability has been resolved:

netfilter: flowtable: incorrect pppoe tuple

The Linux kernel CVE team has assigned CVE-2024-27015 to this issue.

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024050149-CVE-2024-27015-9ce1@gregkh/T
Comment 1 Zack Miele 2024-05-01 18:30:08 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2278267]
Comment 5 Phil Sutter 2024-06-21 16:00:13 UTC 
I don't see any relation to security in the CVE fixing commit. The effect is merely for PPPoE packages to not match the flowtable entry when they should and so continue to traverse the standard forwarding path through the kernel. This is bad because flowtables are unusable with PPPoE, but it's more or less just a lack of feature. Can we at least lessen severity/priority values and perhaps also contest the CVE itself?
Comment 6 Alex 2024-06-23 12:21:08 UTC 
In reply to comment #5:
> I don't see any relation to security in the CVE fixing commit. The effect is
> merely for PPPoE packages to not match the flowtable entry when they should
> and so continue to traverse the standard forwarding path through the kernel.
> This is bad because flowtables are unusable with PPPoE, but it's more or
> less just a lack of feature. Can we at least lessen severity/priority values
> and perhaps also contest the CVE itself?

Decreased to Low.
Comment 7 errata-xmlrpc 2024-11-12 09:24:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:9315 https://access.redhat.com/errata/RHSA-2024:9315