VDB
CISA-2024-1151
CISA-2024-1151
PUBLISHED
CVSS 5.5 MEDIUM
Reported by redhat · Published February 11, 2024
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result, this can lead to a crash or other related issues.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-503.11.1.el9_5 |
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-503.11.1.el9_5 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.el9_2 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.rt14.360.el9_2 |
| Red Hat | Red Hat Enterprise Linux 6 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 9 | |
| Red Hat | Red Hat Enterprise Linux 9 | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 9 | 0:5.14.0-503.11.1.el9_5, *, 0:5.14.0-503.11.1.el9_5 |
| Red Hat | Red Hat Enterprise Linux 6 | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 7 | |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.el9_2, 0:5.14.0-284.75.1.el9_2 |
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support | 0:5.14.0-284.75.1.rt14.360.el9_2, 0:5.14.0-284.75.1.rt14.360.el9_2 |
Timeline
- Feb 11, 2024 CVE Published
- Nov 7, 2025 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- RHSA-2024:4823 vendor-advisoryx_refsource_REDHAT
- RHSA-2024:4831 vendor-advisoryx_refsource_REDHAT
- RHSA-2024:9315 vendor-advisoryx_refsource_REDHAT
- vdb-entryx_refsource_REDHAT
- RHBZ#2262241 issue-trackingx_refsource_REDHAT
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3LZROQAX7Q7LEP4F7WQ3KUZKWCZGFFP2/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GS7S3XLTLOUKBXV67LLFZWB3YVFJZHRK/ url