CVE-2024-40999

Published: Jul 12, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that `first` flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for RX data corruption has been added.

Vendor	Product	Versions
Linux	Linux	affected `1738cd3ed342294360d6a74d4e58800004bff854 - < 42146ee5286f16f1674a84f7c274dcca65c6ff2e` affected `1738cd3ed342294360d6a74d4e58800004bff854 - < b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7`
Linux	Linux	affected `4.9` unaffected `0 - < 4.9` unaffected `6.9.7 - <= 6.9.` unaffected `6.10 - <= `

References

https://git.kernel.org/stable/c/42146ee5286f16f1674a84f7c274dcca65c6ff2e

https://git.kernel.org/stable/c/b37b98a3a0c1198bafe8c2d9ce0bc845b4e7a9a7

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-40999

Description

Affected Products

References