medium
5.5
CWE
459
Advisory Published
CVE Published
Updated

CVE-2024-26803: net: veth: clear GRO when clearing XDP even when down

First published: Thu Apr 04 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2024-26803">CVE-2024-26803</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024040404-CVE-2024-26803-9985@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024040404-CVE-2024-26803-9985@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<5.15.151
5.15.151
redhat/kernel<6.1.81
6.1.81
redhat/kernel<6.6.21
6.6.21
redhat/kernel<6.7.9
6.7.9
redhat/kernel<6.8
6.8
debian/linux
5.10.223-1
5.10.234-1
6.1.129-1
6.1.128-1
6.12.20-1
6.12.21-1
Linux Kernel>=5.13<5.15.151
Linux Kernel>=5.16<6.1.81
Linux Kernel>=6.2<6.6.21
Linux Kernel>=6.7<6.7.9
Linux Kernel=6.8-rc1
Linux Kernel=6.8-rc2
Linux Kernel=6.8-rc3
Linux Kernel=6.8-rc4
Linux Kernel=6.8-rc5
Linux Kernel=6.8-rc6

Remedy

https://git.kernel.org/stable/c/16edf51f33f52dff70ed455bc40a6cc443c04664

Remedy

https://git.kernel.org/stable/c/7985d73961bbb4e726c1be7b9cd26becc7be8325

Remedy

https://git.kernel.org/stable/c/8f7a3894e58e6f5d5815533cfde60e3838947941

Remedy

https://git.kernel.org/stable/c/f011c103e654d83dc85f057a7d1bd0960d02831c

Remedy

https://git.kernel.org/stable/c/fe9f801355f0b47668419f30f1fac1cf4539e736

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-26803?

    CVE-2024-26803 is classified as a moderate severity vulnerability.

  • How do I fix CVE-2024-26803?

    To fix CVE-2024-26803, upgrade to kernel version 5.15.151, 6.1.81, 6.6.21, 6.7.9, 6.8, or relevant patched versions available for your distribution.

  • What software is affected by CVE-2024-26803?

    CVE-2024-26803 affects specific versions of the Linux kernel in Red Hat and Debian distributions.

  • What does CVE-2024-26803 exploit?

    CVE-2024-26803 exploits a vulnerability in the kernel networking stack impacting the veth driver.

  • Is CVE-2024-26803 present in earlier kernel versions?

    Yes, CVE-2024-26803 is present in earlier kernel versions before the specified remedial updates.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203