2327955 – (CVE-2024-11614) CVE-2024-11614 dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

Bug 2327955 (CVE-2024-11614) - CVE-2024-11614 dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

Summary: CVE-2024-11614 dpdk: Denial Of Service from malicious guest on hypervisors us...

Keywords:
Status:	NEW
Alias:	CVE-2024-11614
Deadline:	2024-12-17
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2335036 2335035
Blocks:
TreeView+	depends on / blocked

Reported:	2024-11-22 04:24 UTC by OSIDB Bzimport
Modified:	2025-04-17 00:18 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2025:0208	None	None	None	2025-01-09 15:29:09 UTC
Red Hat Product Errata	RHSA-2025:0209	None	None	None	2025-01-09 15:29:40 UTC
Red Hat Product Errata	RHSA-2025:0210	None	None	None	2025-01-09 15:26:44 UTC
Red Hat Product Errata	RHSA-2025:0211	None	None	None	2025-01-09 15:18:53 UTC
Red Hat Product Errata	RHSA-2025:0220	None	None	None	2025-01-09 16:57:39 UTC
Red Hat Product Errata	RHSA-2025:0221	None	None	None	2025-01-09 16:53:02 UTC
Red Hat Product Errata	RHSA-2025:0222	None	None	None	2025-01-09 16:57:56 UTC
Red Hat Product Errata	RHSA-2025:3963	None	None	None	2025-04-17 00:05:59 UTC
Red Hat Product Errata	RHSA-2025:3964	None	None	None	2025-04-17 00:11:36 UTC
Red Hat Product Errata	RHSA-2025:3965	None	None	None	2025-04-17 00:18:25 UTC
Red Hat Product Errata	RHSA-2025:3970	None	None	None	2025-04-17 00:11:45 UTC

Description OSIDB Bzimport 2024-11-22 04:24:53 UTC

From DPDK v21.05, DPDK Vhost library checksum offload feature introduced a security vulnerability enabling an untrusted or compromised guest to crash hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads.

Affected versions are only vulnerable if the Vhost-based application registers devices with the RTE_VHOST_USER_NET_COMPLIANT_OL_FLAGS flag.

Comment 5 errata-xmlrpc 2025-01-09 15:18:52 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:0211 https://access.redhat.com/errata/RHSA-2025:0211

Comment 6 errata-xmlrpc 2025-01-09 15:26:42 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:0210 https://access.redhat.com/errata/RHSA-2025:0210

Comment 7 errata-xmlrpc 2025-01-09 15:29:07 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:0208 https://access.redhat.com/errata/RHSA-2025:0208

Comment 8 errata-xmlrpc 2025-01-09 15:29:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:0209 https://access.redhat.com/errata/RHSA-2025:0209

Comment 9 errata-xmlrpc 2025-01-09 16:53:01 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:0221 https://access.redhat.com/errata/RHSA-2025:0221

Comment 10 errata-xmlrpc 2025-01-09 16:57:38 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:0220 https://access.redhat.com/errata/RHSA-2025:0220

Comment 11 errata-xmlrpc 2025-01-09 16:57:54 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:0222 https://access.redhat.com/errata/RHSA-2025:0222

Comment 13 errata-xmlrpc 2025-04-17 00:05:58 UTC

This issue has been addressed in the following products:

  Fast Datapath for Red Hat Enterprise Linux 9

Via RHSA-2025:3963 https://access.redhat.com/errata/RHSA-2025:3963

Comment 14 errata-xmlrpc 2025-04-17 00:11:34 UTC

This issue has been addressed in the following products:

  Fast Datapath for Red Hat Enterprise Linux 9

Via RHSA-2025:3964 https://access.redhat.com/errata/RHSA-2025:3964

Comment 15 errata-xmlrpc 2025-04-17 00:11:44 UTC

This issue has been addressed in the following products:

  Fast Datapath for Red Hat Enterprise Linux 8

Via RHSA-2025:3970 https://access.redhat.com/errata/RHSA-2025:3970

Comment 16 errata-xmlrpc 2025-04-17 00:18:24 UTC

This issue has been addressed in the following products:

  Fast Datapath for Red Hat Enterprise Linux 9

Via RHSA-2025:3965 https://access.redhat.com/errata/RHSA-2025:3965

Note You need to log in before you can comment on or make changes to this bug.